<feed xmlns='http://www.w3.org/2005/Atom'>
<title>chango.git/django/http, branch devmain</title>
<subtitle>django
</subtitle>
<id>http://cgit.adnoto.dev/chango.git/atom?h=devmain</id>
<link rel='self' href='http://cgit.adnoto.dev/chango.git/atom?h=devmain'/>
<link rel='alternate' type='text/html' href='http://cgit.adnoto.dev/chango.git/'/>
<updated>2026-06-10T14:17:34Z</updated>
<entry>
<title>Fixed #37142 -- Moved django_file_prefixes() to django.utils.warnings.</title>
<updated>2026-06-10T14:17:34Z</updated>
<author>
<name>zhengkangyang</name>
<email>1872483761@qq.com</email>
</author>
<published>2026-06-06T08:17:24Z</published>
<link rel='alternate' type='text/html' href='http://cgit.adnoto.dev/chango.git/commit/?id=f970a98e464320c09dde8d45009eadfb4d038a57'/>
<id>urn:sha1:f970a98e464320c09dde8d45009eadfb4d038a57</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Refs #36905 -- Moved JSONResponse safe param discussion to versionchanged box.</title>
<updated>2026-06-03T20:40:21Z</updated>
<author>
<name>Jacob Walls</name>
<email>jacobtylerwalls@gmail.com</email>
</author>
<published>2026-06-01T14:38:44Z</published>
<link rel='alternate' type='text/html' href='http://cgit.adnoto.dev/chango.git/commit/?id=b5d9dbdf2bba8df4c85cd0db308b3a467d763d02'/>
<id>urn:sha1:b5d9dbdf2bba8df4c85cd0db308b3a467d763d02</id>
<content type='text'>
Follow-up to 6e15ac8066312328de279e3e072667416c205bfc.
</content>
</entry>
<entry>
<title>Fixed CVE-2026-6873 -- Prevented signed cookie salt namespace collisions.</title>
<updated>2026-06-03T11:37:26Z</updated>
<author>
<name>Paul McMillan</name>
<email>paul@mcmillan.ws</email>
</author>
<published>2026-05-08T20:13:58Z</published>
<link rel='alternate' type='text/html' href='http://cgit.adnoto.dev/chango.git/commit/?id=70d36515b9cc71700105a14b275583070d48b689'/>
<id>urn:sha1:70d36515b9cc71700105a14b275583070d48b689</id>
<content type='text'>
Made signed cookies derive their signer namespace from an injective
encoding of `(name, salt)` while preserving compatibility with legacy
`name + salt` cookies behind SIGNED_COOKIE_LEGACY_SALT_FALLBACK.

Thanks Peng Zhou for the report, and Shai Berger, Markus Holterman,
Jake Howard, and Paul McMillan for reviews.

Co-authored-by: Jacob Walls &lt;jacobtylerwalls@gmail.com&gt;
Co-authored-by: Natalia &lt;124304+nessita@users.noreply.github.com&gt;
</content>
</entry>
<entry>
<title>Fixed #37103 -- Made HttpRequest.body handle malformed CONTENT_LENGTH.</title>
<updated>2026-06-02T09:06:28Z</updated>
<author>
<name>Lier0102</name>
<email>minehammer26@gmail.com</email>
</author>
<published>2026-05-17T11:15:39Z</published>
<link rel='alternate' type='text/html' href='http://cgit.adnoto.dev/chango.git/commit/?id=ba70e1bcdd8dc879c7d5fc7a3d12b5831eb08540'/>
<id>urn:sha1:ba70e1bcdd8dc879c7d5fc7a3d12b5831eb08540</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Fixed #36905 -- Deprecated the safe parameter of JSONResponse.</title>
<updated>2026-05-27T15:41:48Z</updated>
<author>
<name>Tim Harris</name>
<email>timharris@Tims-MacBook-Air-2.local</email>
</author>
<published>2026-05-19T00:06:06Z</published>
<link rel='alternate' type='text/html' href='http://cgit.adnoto.dev/chango.git/commit/?id=6e15ac8066312328de279e3e072667416c205bfc'/>
<id>urn:sha1:6e15ac8066312328de279e3e072667416c205bfc</id>
<content type='text'>
Peer frameworks have long since dropped their analogous checks for this
vulnerability that was fixed in ES5.
</content>
</entry>
<entry>
<title>Fixed #37100 -- Prevented control characters in HttpResponse reason_phrase.</title>
<updated>2026-05-22T14:57:39Z</updated>
<author>
<name>Varun Kasyap</name>
<email>varunkasyap@hotmail.com</email>
</author>
<published>2026-05-16T06:56:14Z</published>
<link rel='alternate' type='text/html' href='http://cgit.adnoto.dev/chango.git/commit/?id=53645750412efa1e9013004040db328bd515e0f1'/>
<id>urn:sha1:53645750412efa1e9013004040db328bd515e0f1</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Fixed #37095 -- Checked maximum redirect lengths against percent-encoded URLs.</title>
<updated>2026-05-12T19:58:53Z</updated>
<author>
<name>Jacob Walls</name>
<email>jacobtylerwalls@gmail.com</email>
</author>
<published>2026-05-12T19:27:59Z</published>
<link rel='alternate' type='text/html' href='http://cgit.adnoto.dev/chango.git/commit/?id=335c6d0129400eda792f3bec5c71bb28af5e5d37'/>
<id>urn:sha1:335c6d0129400eda792f3bec5c71bb28af5e5d37</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Fixed #37053 -- Added validate=True to base64.b64decode() calls.</title>
<updated>2026-05-06T00:13:40Z</updated>
<author>
<name>Sarah Boyce</name>
<email>42296566+sarahboyce@users.noreply.github.com</email>
</author>
<published>2026-04-20T12:07:29Z</published>
<link rel='alternate' type='text/html' href='http://cgit.adnoto.dev/chango.git/commit/?id=57b23d15259c32dba80bb093645242f1b3b25365'/>
<id>urn:sha1:57b23d15259c32dba80bb093645242f1b3b25365</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Fixed #36767 -- Allowed max redirect URL length to be set on HttpResponseRedirect.</title>
<updated>2026-05-04T21:09:20Z</updated>
<author>
<name>varunkasyap</name>
<email>varunkasyap@hotmail.com</email>
</author>
<published>2025-11-22T06:22:36Z</published>
<link rel='alternate' type='text/html' href='http://cgit.adnoto.dev/chango.git/commit/?id=d75d57c2c06934a65feabd206129b9d1a230a1da'/>
<id>urn:sha1:d75d57c2c06934a65feabd206129b9d1a230a1da</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Fixed #36991 -- Raised BadRequest for invalid encodings in Content-Type headers.</title>
<updated>2026-04-22T18:25:08Z</updated>
<author>
<name>Dinesh</name>
<email>dineshthumma15@gmail.com</email>
</author>
<published>2026-03-21T17:21:11Z</published>
<link rel='alternate' type='text/html' href='http://cgit.adnoto.dev/chango.git/commit/?id=dc467fdc3b5744cec71fab876c23a14013e2510b'/>
<id>urn:sha1:dc467fdc3b5744cec71fab876c23a14013e2510b</id>
<content type='text'>
</content>
</entry>
</feed>
