django http://cgit.adnoto.dev/django.git/atom?h=6.0.2 2025-12-24T17:48:16Z 2025-12-24T17:48:16Z Sean Reed sean@sean-reed.com 2025-12-19T21:09:25Z urn:sha1:16107ab710dc23d5ea0aa17da6bf29fe89b61bb0 Moved nonce generation in ``django.utils.csp.LazyNonce`` to a function to avoid infinite recursion in ``SimpleLazyObject.__repr__`` for unevaluated instances. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> Backport of 165c3599965e63f88649a46fcc2ff681c52f2f66 from main. 2025-07-23T23:17:55Z django-bot ops@djangoproject.com 2025-07-23T03:41:41Z urn:sha1:69a93a88edb56ba47f624dac7a21aacc47ea474f Rewrapped long docstrings and block comments to 79 characters + newline using script from https://github.com/medmunds/autofix-w505. 2025-06-27T18:57:02Z Rob Hudson rob@cogit8.org 2025-05-03T17:01:58Z urn:sha1:d63241ebc7067fdebbaf704989b34fcd8f26bbe9 This initial work adds a pair of settings to configure specific CSP directives for enforcing or reporting policy violations, a new `django.middleware.csp.ContentSecurityPolicyMiddleware` to apply the appropriate headers to responses, and a context processor to support CSP nonces in templates for safely inlining assets. Relevant documentation has been added for the 6.0 release notes, security overview, a new how-to page, and a dedicated reference section. Thanks to the multiple reviewers for their precise and valuable feedback. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>