django1/django/middleware
Aymeric Augustin 1170f285dd [1.4.x] Prevented leaking the CSRF token through caching.
This is a security fix. Disclosure will follow shortly.

Backport of c083e3815a from master
2014-04-21 18:31:44 -04:00
__init__.py Imported Django from private SVN repository (created from r. 8825) 2005-07-13 01:25:57 +00:00
cache.py [1.4.x] Prevented leaking the CSRF token through caching. 2014-04-21 18:31:44 -04:00
clickjacking.py Fixed #14261 - Added clickjacking protection (X-Frame-Options header) 2011-05-30 22:27:47 +00:00
common.py Fixed #17734 -- Made sure to only redirect translated URLs if they can actually be resolved to prevent unwanted redirects. Many thanks to Orne Brocaar and Anssi Kääriäinen for input. 2012-03-02 11:07:36 +00:00
csrf.py Documentation (and some small source code) edits from [17432] - [17537] 2012-02-17 20:04:11 +00:00
doc.py Fixed #14506 -- Added an assertion to XViewMiddleware about the dependency on the authentication middleware. Thanks, vanschelven. 2011-07-03 17:56:25 +00:00
gzip.py Fixed #16035 -- Appended the Etag response header if the GZipMiddleware is in use to follow RFC2616 better. Thanks, ext and dracos2. 2012-02-09 18:57:13 +00:00
http.py Fixed #16225 -- Removed unused imports. Many thanks to Aymeric Augustin for the work on the patch and Alex for reviewing. 2011-07-13 09:35:51 +00:00
locale.py Fixed #17817 -- Modified LocalMiddleware to use full URLs when redirecting to i18n URLs. Thanks to Paul for keeping an eye on the standards. 2012-03-02 22:35:26 +00:00
transaction.py [1.4.x] Fixed #19707 -- Reset transaction state after requests 2013-02-10 17:34:38 +02:00