| Age | Commit message (Expand) | Author |
|---|---|---|
| 2018-10-30 | Capitalized SecurityMiddleware headers for consistency with other headers. | Artur Juraszek |
| 2017-01-17 | Refs #26601 -- Removed support for old-style middleware using settings.MIDDLE... | Tim Graham |
| 2016-12-19 | Fixed #27611 -- Doc'd that CSRF_COOKIE_HTTPONLY setting offers no security. | Tim Graham |
| 2016-12-17 | Refs #16859 -- Disabled CSRF_COOKIE_* checks when using CSRF_USE_SESSIONS. | Raphael Michel |
| 2016-11-14 | Fixed E305 flake8 warnings. | Ramin Farajpour Cami |
| 2016-08-10 | Refs #26947 -- Added a deployment system check for SECURE_HSTS_PRELOAD. | Ed Morley |
| 2016-05-17 | Fixed #26601 -- Improved middleware per DEP 0005. | Florian Apolloner |
| 2015-07-15 | Fixed #24966 -- Added deployment system check for empty ALLOWED_HOSTS. | rroskam |
| 2015-02-06 | Sorted imports with isort; refs #23860. | Tim Graham |
| 2014-09-12 | Fixed #17101 -- Integrated django-secure and added check --deploy option | Tim Graham |
