summaryrefslogtreecommitdiff
path: root/django/core/checks/security/base.py
AgeCommit message (Expand)Author
2026-05-07Fixed #37084 -- Added CSP nonce context processor system check.Milad Zarour
2025-10-13Replaced multi-level relative imports with absolute imports in django/.lyova24
2025-07-23Refs #36500 -- Rewrapped long docstrings and block comments via a script.django-bot
2025-06-27Fixed #15727 -- Added Content Security Policy (CSP) support.Rob Hudson
2022-02-07Refs #33476 -- Reformatted code with Black.django-bot
2022-02-01Fixed #30360 -- Added support for secret key rotation.tschilling
2021-04-30Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.Tim Graham
2021-03-30Fixed #31840 -- Added support for Cross-Origin Opener Policy header.bankc
2021-01-14Refs #31842 -- Removed DEFAULT_HASHING_ALGORITHM transitional setting.Mariusz Felisiak
2020-11-11Fixed #31757 -- Adjusted system check for SECRET_KEY to warn about autogenera...Artem Kosenko
2020-08-04Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting.Mariusz Felisiak
2020-07-29Fixed #29324 -- Made SECRET_KEY validation lazy (on first access).Florian Apolloner
2019-09-09Fixed #29406 -- Added support for Referrer-Policy header.Nick Pope
2019-09-09Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY.Claude Paroz
2019-08-05Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER s...Adnan Umer
2018-10-30Capitalized SecurityMiddleware headers for consistency with other headers.Artur Juraszek
2017-01-17Refs #26601 -- Removed support for old-style middleware using settings.MIDDLE...Tim Graham
2016-08-10Refs #26947 -- Added a deployment system check for SECURE_HSTS_PRELOAD.Ed Morley
2016-05-17Fixed #26601 -- Improved middleware per DEP 0005.Florian Apolloner
2015-07-15Fixed #24966 -- Added deployment system check for empty ALLOWED_HOSTS.rroskam
2015-02-06Sorted imports with isort; refs #23860.Tim Graham
2014-09-12Fixed #17101 -- Integrated django-secure and added check --deploy optionTim Graham