| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-08-20 | Prevented data leakage in contrib.admin via query string manipulation. | Simon Charette | |
| This is a security fix. Disclosure following shortly. | |||
| 2013-05-25 | Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation. | Preston Holmes | |
| SuspiciousOperations have been differentiated into subclasses, and are now logged to a 'django.security.*' logger. SuspiciousOperations that reach django.core.handlers.base.BaseHandler will now return a 400 instead of a 500. Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft for review. | |||
