index
:
chango.git
devmain
fix-31295
initial-branch
main
stable/5.2.x
stable/6.0.x
django
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
django
/
middleware
Age
Commit message (
Expand
)
Author
2021-09-01
Fixed #32768 -- Added Vary header when redirecting to prefixed i18n pattern.
Alex Hayward
2021-08-17
Refs #32800 -- Added _add_new_csrf_cookie() helper function.
Chris Jerdonek
2021-08-17
Refs #32800 -- Renamed _set_token() to _set_csrf_cookie().
Chris Jerdonek
2021-08-03
Refs #32800 -- Renamed _compare_masked_tokens() to _does_token_match().
Chris Jerdonek
2021-07-29
Refs #32916 -- Replaced request.csrf_cookie_needs_reset with request.META['CS...
Chris Jerdonek
2021-07-29
Fixed #32916 -- Combined request.META['CSRF_COOKIE_USED'] and request.csrf_co...
Chris Jerdonek
2021-07-23
Fixed #32329 -- Made CsrfViewMiddleware catch more specific UnreadablePostError.
Virtosu Bogdan
2021-07-23
Fixed #32902 -- Fixed CsrfViewMiddleware.process_response()'s cookie reset lo...
Chris Jerdonek
2021-06-23
Fixed #32817 -- Added the token source to CsrfViewMiddleware's bad token erro...
Chris Jerdonek
2021-06-22
Fixed #32842 -- Refactored out CsrfViewMiddleware._check_token().
Chris Jerdonek
2021-06-12
Fixed comment in CsrfViewMiddleware to say _reject instead of reject.
Chris Jerdonek
2021-06-01
Fixed #32796 -- Changed CsrfViewMiddleware to fail earlier on badly formatted...
Chris Jerdonek
2021-05-31
Fixed #32795 -- Changed CsrfViewMiddleware to fail earlier on badly formatted...
Chris Jerdonek
2021-05-29
Refs #32778 -- Improved the name of the regex object detecting invalid CSRF t...
Chris Jerdonek
2021-05-28
Refs #32596 -- Added early return on safe methods in CsrfViewMiddleware.proce...
Chris Jerdonek
2021-05-28
Refs #32596 -- Optimized CsrfViewMiddleware._check_referer() to delay computi...
Chris Jerdonek
2021-05-28
Fixed #32596 -- Added CsrfViewMiddleware._check_referer().
Chris Jerdonek
2021-05-25
Fixed #32778 -- Avoided unnecessary recompilation of token regex in _sanitize...
abhiabhi94
2021-04-30
Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.
Tim Graham
2021-03-30
Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
bankc
2021-03-25
Fixed #32578 -- Fixed crash in CsrfViewMiddleware when a request with Origin ...
Chris Jerdonek
2021-03-25
Refs #32579 -- Fixed cookie domain comment in CsrfViewMiddleware.process_view().
Chris Jerdonek
2021-03-25
Refs #32579 -- Optimized good_hosts creation in CsrfViewMiddleware.process_vi...
Chris Jerdonek
2021-03-19
Fixed #32571 -- Made CsrfViewMiddleware handle invalid URLs in Referer header.
Adam Donaghy
2021-03-18
Fixed #16010 -- Added Origin header checking to CSRF middleware.
Tim Graham
2021-03-18
Refs #16010 -- Required CSRF_TRUSTED_ORIGINS setting to include the scheme.
Tim Graham
2021-01-14
Refs #26601 -- Made get_response argument required and don't accept None in m...
Mariusz Felisiak
2020-10-28
Made small readability improvements.
Martin Thoma
2020-10-22
Fixed #32124 -- Added per-view opt-out for APPEND_SLASH behavior.
Carlton Gibson
2020-09-14
Fixed #31789 -- Added a new headers interface to HttpResponse.
Tom Carrick
2020-08-28
Fixed #31928 -- Fixed detecting an async get_response in various middlewares.
Kevin Michel
2020-05-04
Refs #30573 -- Rephrased "Of Course" and "Obvious(ly)" in documentation and c...
Adam Johnson
2020-02-26
Fixed #28699 -- Fixed CSRF validation with remote user middleware.
Colton Hicks
2020-02-25
Fixed #31291 -- Renamed salt to mask for CSRF tokens.
Ram Rachum
2020-02-18
Refs #26601 -- Deprecated passing None as get_response arg to middleware clas...
Claude Paroz
2020-01-16
Fixed #30765 -- Made cache_page decorator take precedence over max-age Cache-...
Flavio Curella
2019-10-29
Fixed #30899 -- Lazily compiled import time regular expressions.
Hasan Ramezani
2019-10-23
Refs #26601 -- Removed obsolete workarounds for MIDDLEWARE_CLASSES setting.
Sergey Fedoseev
2019-09-09
Fixed #29406 -- Added support for Referrer-Policy header.
Nick Pope
2019-09-09
Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY.
Claude Paroz
2019-04-24
Removed unnecessary assignments in various code.
Jon Dufresne
2019-03-30
Optimized CommonMiddleware's check for DISALLOWED_USER_AGENTS.
Brad
2019-01-28
Fixed #30137 -- Replaced OSError aliases with the canonical OSError.
Jon Dufresne
2018-10-30
Capitalized SecurityMiddleware headers for consistency with other headers.
Artur Juraszek
2018-09-08
Fixed #29728 -- Prevented session resaving if CSRF cookie is unchanged.
Michal Čihař
2018-08-01
Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware.
Andreas Hug
2018-05-04
Fixed #26688 -- Fixed HTTP request logging inconsistencies.
Samir Shah
2018-04-13
Fixed #27863 -- Added support for the SameSite cookie flag.
Alex Gaynor
2018-03-16
Fixed hanging indentation in various code.
Mariusz Felisiak
2018-02-14
Fixed #28693 -- Fixed crash in CsrfViewMiddleware when an HTTPS request has a...
Tomer Chachamu
[next]