django.git/docs/topics/http/middleware.txt, branch archive/soc2010/app-loading

django.git/docs/topics/http/middleware.txt, branch archive/soc2010/app-loading django http://cgit.adnoto.dev/django.git/atom?h=archive%2Fsoc2010%2Fapp-loading 2010-09-13T00:04:27Z [soc2010/app-loading] merged trunk 2010-09-13T00:04:27Z Arthur Koziel arthur@arthurkoziel.com 2010-09-13T00:04:27Z urn:sha1:dd49269c7db008b2567f50cb03c4d3d9b321daa1 git-svn-id: http://code.djangoproject.com/svn/django/branches/soc2010/app-loading@13818 bcc190cf-cafb-0310-a4f2-bffc1f526a37 Fixed #13120: Corrected typo in middleware doc. Thanks django@willhardy.com.au. 2010-03-16T14:40:03Z Karen Tracey kmtracey@gmail.com 2010-03-16T14:40:03Z urn:sha1:3c59067a4f2f7f9281bc425378555262a03c0077 git-svn-id: http://code.djangoproject.com/svn/django/trunk@12793 bcc190cf-cafb-0310-a4f2-bffc1f526a37 Fixed #12795 - Updated the middleware docs to include the messages app middleware. Thanks, Timo. 2010-02-21T23:40:03Z Jannis Leidel jannis@leidel.info 2010-02-21T23:40:03Z urn:sha1:1559f64549ebcc158a5d2bece208f674fa96f537 git-svn-id: http://code.djangoproject.com/svn/django/trunk@12465 bcc190cf-cafb-0310-a4f2-bffc1f526a37 Moved contrib.csrf.* to core code. 2009-10-27T00:36:34Z Luke Plant L.Plant.98@cantab.net 2009-10-27T00:36:34Z urn:sha1:7230a995ce81a7b8dd093bd03cc5ebd34106ee80 There is stub code for backwards compatiblity with Django 1.1 imports. The documentation has been updated, but has been left in docs/contrib/csrf.txt for now, in order to avoid dead links to documentation on the website. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default. 2009-10-26T23:23:07Z Luke Plant L.Plant.98@cantab.net 2009-10-26T23:23:07Z urn:sha1:8e70cef9b67433edd70935dcc30c621d1e7fc0a0 This is a large change to CSRF protection for Django. It includes: * removing the dependency on the session framework. * deprecating CsrfResponseMiddleware, and replacing with a core template tag. * turning on CSRF protection by default by adding CsrfViewMiddleware to the default value of MIDDLEWARE_CLASSES. * protecting all contrib apps (whatever is in settings.py) using a decorator. For existing users of the CSRF functionality, it should be a seamless update, but please note that it includes DEPRECATION of features in Django 1.1, and there are upgrade steps which are detailed in the docs. Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work on the patch, and to lots of other people including Simon Willison and Russell Keith-Magee who refined the ideas. Details of the rationale for these changes is found here: http://code.djangoproject.com/wiki/CsrfProtection As of this commit, the CSRF code is mainly in 'contrib'. The code will be moved to core in a separate commit, to make the changeset as readable as possible. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37 Fixed #11322 -- Clarified docs regarding middleware processing. Thanks the Michael Malone for the patch. 2009-06-18T13:34:27Z Russell Keith-Magee russell@keith-magee.com 2009-06-18T13:34:27Z urn:sha1:d71097111ae1a5f54c8413be4b9af0c97b8904ef git-svn-id: http://code.djangoproject.com/svn/django/trunk@11048 bcc190cf-cafb-0310-a4f2-bffc1f526a37 Fixed a whole bunch of small docs typos, errors, and ommissions. 2009-04-03T18:30:54Z Jacob Kaplan-Moss jacob@jacobian.org 2009-04-03T18:30:54Z urn:sha1:c6c25adf6d9f71ea11f61392f6f3d221f01e5216 Fixes #8358, #8396, #8724, #9043, #9128, #9247, #9267, #9267, #9375, #9409, #9414, #9416, #9446, #9454, #9464, #9503, #9518, #9533, #9657, #9658, #9683, #9733, #9771, #9835, #9836, #9837, #9897, #9906, #9912, #9945, #9986, #9992, #10055, #10084, #10091, #10145, #10245, #10257, #10309, #10358, #10359, #10424, #10426, #10508, #10531, #10551, #10635, #10637, #10656, #10658, #10690, #10699, #19528. Thanks to all the respective authors of those tickets. git-svn-id: http://code.djangoproject.com/svn/django/trunk@10371 bcc190cf-cafb-0310-a4f2-bffc1f526a37 Made default MIDDLEWARE_CLASSES same as in project_template. 2009-03-23T23:20:40Z Luke Plant L.Plant.98@cantab.net 2009-03-23T23:20:40Z urn:sha1:cdc8c61bc3b7ba3e9b7316ae7ab1a65756ef79a2 And updated docs, and also corrected them about middleware by removing 'XViewMiddleware' git-svn-id: http://code.djangoproject.com/svn/django/trunk@10129 bcc190cf-cafb-0310-a4f2-bffc1f526a37 Reverted 10094 and 10095 (in favour of solution that will hopefully land for beta 2) 2009-03-23T23:02:46Z Luke Plant L.Plant.98@cantab.net 2009-03-23T23:02:46Z urn:sha1:20f7e514930d108e4abb7f1af6f21edc00206030 git-svn-id: http://code.djangoproject.com/svn/django/trunk@10128 bcc190cf-cafb-0310-a4f2-bffc1f526a37 Updated all refs to default middleware in docs. 2009-03-19T23:28:16Z Luke Plant L.Plant.98@cantab.net 2009-03-19T23:28:16Z urn:sha1:4e7a4eda3d442f44f778bddb5668ba1e4947559f (adding CSRF, removing XView which is no longer a default) git-svn-id: http://code.djangoproject.com/svn/django/trunk@10095 bcc190cf-cafb-0310-a4f2-bffc1f526a37