test0908
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
django/docs/ref
History
Carlton Gibson 54d0f5e62f Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set. 
An HTTP request would not be redirected to HTTPS when the
SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if
the proxy connected to Django via HTTPS.

HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if
set, rather than falling back to the request scheme when the
SECURE_PROXY_SSL_HEADER did not have the secure value.

Thanks to Gavin Wahl for the report and initial patch suggestion, and
Shai Berger for review.
 		2019-07-01 07:48:04 +02:00
..
class-based-views Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline. 2019-01-17 10:50:25 -05:00
contrib Removed unnecessary backslashes from docs. 2019-06-20 14:04:36 +02:00
files Fixed "byte string" typo in various docs and comments. 2019-03-28 10:00:12 +01:00
forms Changed docs to link to Python's description of iterable. 2019-05-17 17:27:19 +02:00
models Fixed typo in docs/ref/models/indexes.txt. 2019-06-24 08:58:56 +02:00
templates Refs #20122 -- Corrected documentation of pluralize template filter. 2019-05-03 11:35:19 +02:00
applications.txt Used auto-numbered lists in documentation. 2018-11-15 13:54:28 -05:00
checks.txt Fixed #30421 -- Allowed symmetrical intermediate table for self-referential ManyToManyField. 2019-06-21 15:03:17 +02:00
clickjacking.txt Used auto-numbered lists in documentation. 2018-11-15 13:54:28 -05:00
csrf.txt Fixed #30299 -- Removed jQuery dependency from getCookie() in CSRF docs. 2019-03-28 19:51:54 -04:00
databases.txt Refs #29548 -- Updated docs for MariaDB support. 2019-05-27 19:59:49 +02:00
django-admin.txt Fixed typo in docs/ref/django-admin.txt. 2019-05-07 11:17:24 +02:00
exceptions.txt Fixed #30451 -- Added ASGI handler and coroutine-safety. 2019-06-20 12:29:43 +02:00
index.txt Moved CSRF docs out of contrib. 2014-11-03 07:47:39 -05:00
middleware.txt Removed redundant object descriptions to prevent warnings with Sphinx 2.1.0. 2019-06-03 14:08:51 +02:00
migration-operations.txt Fixed typo in docs/ref/migration-operations.txt. 2019-01-02 17:56:25 -05:00
request-response.txt Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like object. 2019-06-20 11:48:49 +02:00
schema-editor.txt Removed versionadded/changed annotations for 1.11. 2017-09-22 12:51:18 -04:00
settings.txt Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set. 2019-07-01 07:48:04 +02:00
signals.txt Fixed typos in signals and custom management commands docs. 2019-06-19 08:40:46 +02:00
template-response.txt Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline. 2019-01-17 10:50:25 -05:00
unicode.txt Removed unnecessary /static from links to PostgreSQL docs. 2019-03-29 21:49:44 -04:00
urlresolvers.txt Fixed #28766 -- Added ResolverMatch.route. 2018-12-06 18:05:40 -05:00
urls.txt Refs #24733 -- Documented arguments for custom error views. 2018-07-31 17:02:40 -04:00
utils.txt Fixed #30594 -- Added 'private' Cache-Control directive to never_cache() decorator. 2019-06-26 09:25:24 +02:00
validators.txt Fixed #29860 -- Allowed BaseValidator to accept a callable limit_value. 2018-10-22 10:26:54 -04:00
views.txt Fixed #28593 -- Added a simplified URL routing syntax per DEP 0201. 2017-09-20 18:04:42 -04:00