summaryrefslogtreecommitdiff
path: root/django/middleware
AgeCommit message (Expand)Author
2013-10-18[1.6.x] Fixed bug causing CSRF token not to rotate on login.Tim Graham
2013-06-19Removed several unused imports.Aymeric Augustin
2013-05-26Replaced `and...or...` constructs with PEP 308 conditional expressions.Ramiro Morales
2013-05-25Fixed #20099 -- Eased subclassing of BrokenLinkEmailsMiddlewareClaude Paroz
2013-05-25Fixed #14825 -- LocaleMiddleware keeps languageVlastimil Zíma
2013-05-24Rotate CSRF token on loginAndrew Godwin
2013-05-19Fixed #20126 -- XViewMiddleware moved to django.contrib.admindocs.middlewareŁukasz Langa
2013-05-19Fixed #11915: generic Accept-Language matches country-specific variantsŁukasz Langa
2013-05-18Fixed #15201: Marked CACHE_MIDDLEWARE_ANONYMOUS_ONLY as deprecatedŁukasz Langa
2013-05-18Fixed #19436 -- Don't log warnings in ensure_csrf_cookie.Olivier Sels
2013-05-18Fixed #20356 -- Prevented crash when HTTP_REFERER contains non-asciiClaude Paroz
2013-03-11Deprecated TransactionMiddleware and TRANSACTIONS_MANAGED.Aymeric Augustin
2013-03-11Deprecated transaction.is_managed().Aymeric Augustin
2013-03-11Made transaction.managed a no-op and deprecated it.Aymeric Augustin
2013-02-28Fixed #5241 -- Kept active transalation in LocaleMiddleware.process_response.Aymeric Augustin
2013-02-23Fixes #17866: Vary: Accept-Language header when language prefix usedŁukasz Langa
2013-02-10Fixed #19707 -- Reset transaction state after requestsAnssi Kääriäinen
2013-02-07Fixed #15808 -- Added optional HttpOnly flag to the CSRF Cookie.Aymeric Augustin
2013-01-29Fixed typos in docs and commentsTim Graham
2013-01-15Fixed #19099 -- Split broken link emails out of common middleware.Aymeric Augustin
2013-01-11Fixed #19488 -- Made i18n_patterns redirect work with non-slash-ending pathsClaude Paroz
2012-12-29Removed IGNORABLE_404_STARTS/ENDS settings.Aymeric Augustin
2012-12-24Prevented caching of streaming responses.Aymeric Augustin
2012-12-01Fixed #19347 -- Removed unused variable definition in FetchFromCacheMiddlewareClaude Paroz
2012-11-03Fixed #15152 -- Avoided crash of CommonMiddleware on broken querystringAymeric Augustin
2012-10-20Fixed #7581 -- Added streaming responses.Aymeric Augustin
2012-09-20Imported getLogger directly from logging moduleClaude Paroz
2012-09-10fixed rfc comment typo in middleware/csrf.pyCollin Anderson
2012-08-13[py3] Made csrf context processor return UnicodeClaude Paroz
2012-05-03Fixed #18042 -- Advanced deprecation warnings.Aymeric Augustin
2012-03-02Fixed #17817 -- Modified LocalMiddleware to use full URLs when redirecting to...Jannis Leidel
2012-03-02Fixed #17734 -- Made sure to only redirect translated URLs if they can actual...Jannis Leidel
2012-02-18Fixed #17720 -- Stopped the LocaleMiddleware from overeagerly using the reque...Jannis Leidel
2012-02-17Documentation (and some small source code) edits from [17432] - [17537]Adrian Holovaty
2012-02-11Fixes #16827. Adds a length check to CSRF tokens before applying the santizin...Paul McMillan
2012-02-09Fixed #17358 -- Updated logging calls to use official syntax for arguments in...Jannis Leidel
2012-02-09Fixed #16035 -- Appended the Etag response header if the GZipMiddleware is in...Jannis Leidel
2012-01-09Fixed #10762, #17514 -- Prevented the GZip middleware from returning a respon...Aymeric Augustin
2011-10-06Fixed #16705 - Made the test client adhere to the WSGI spec -- in particular,...Aymeric Augustin
2011-08-12Fixed #16584 -- Fixed a bunch of typos in code comments. Thanks, Bernhard Essl.Jannis Leidel
2011-07-13Fixed #16225 -- Removed unused imports. Many thanks to Aymeric Augustin for t...Jannis Leidel
2011-07-03Fixed #14506 -- Added an assertion to XViewMiddleware about the dependency on...Jannis Leidel
2011-06-15Fixed #11585 -- Added ability to translate and prefix URL patterns with a lan...Jannis Leidel
2011-05-30Fixed #14261 - Added clickjacking protection (X-Frame-Options header)Luke Plant
2011-05-24Made some small tweaks/fixes to documentation from IGNORABLE_404_URLS changes...Adrian Holovaty
2011-05-09Fixed #15258 - Ajax CSRF protection doesn't apply to PUT or DELETE requestsLuke Plant
2011-05-09Fixed #14134 - ability to set cookie 'path' and 'secure' attributes of CSRF c...Luke Plant
2011-05-05Fixed #15954 - New IGNORABLE_404_URLS setting that allows more powerful filte...Luke Plant
2011-03-30Removed deprecated CsrfResponseMiddleware, and corresponding tests and docsLuke Plant
2011-03-30Removed Django 1.1 fallback for CSRF checks.Luke Plant