| Age | Commit message (Collapse) | Author |
|
This initial work adds a pair of settings to configure specific CSP
directives for enforcing or reporting policy violations, a new
`django.middleware.csp.ContentSecurityPolicyMiddleware` to apply the
appropriate headers to responses, and a context processor to support CSP
nonces in templates for safely inlining assets.
Relevant documentation has been added for the 6.0 release notes,
security overview, a new how-to page, and a dedicated reference section.
Thanks to the multiple reviewers for their precise and valuable feedback.
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
|
|
Thanks to Bhuvnesh Sharma and Adam Johnson for mentoring this Google
Summer of Code 2024 project. Thanks to Sarah Boyce, David Smith, Jacob
Walls and Natalia Bidart for reviews.
|
|
Previously, this was a bare list of sub-pages, not in any discernible
order, and hard to parse.
Now the sub-pages are grouped in sections by topic. It's unlikely to be
the final word on how this material is arranged, but it's a clear
improvement on the existing arrangement and provides a good basis for
next steps.
|
|
Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
Co-authored-by: shangxiao <shang.xiao.sanders@gmail.com>
Co-authored-by: sarahboyce <42296566+sarahboyce@users.noreply.github.com>
Co-authored-by: felixxm <felisiak.mariusz@gmail.com>
|
|
|
|
Moved how-to material from topic document into a new document, and
added new material. Introduced minor improvements to logging
reference document.
|
|
|
|
There is still no further progress on Jython 3 since support for Jython
was stripped in Django 2.0. The developers experimenting with Jython 3
have stated that they would need to start from scratch, so it doesn't
look as though it will materialize for years to come.
Python 2 and Django 1.11, the last version to support Python 2.7, will
both be end-of-life before Django 3.1 is released. We should no longer
instruct users to use an unsupported version of Django.
|
|
|
|
|
|
|
|
Thanks Anssi and Tim for reviews.
|
|
|
|
Thanks Donald Stufft for the suggestion and
Susan Tan and Brian Fabian Crain for the patch.
|
|
Thanks Jan Murre, Reinout van Rees and Wim Feijen,
plus Remco Wendt for reviewing.
|
|
Thanks to baumer1122 for the suggestion and initial
patch and David Fischer for the contributions and
long term patch maintenance and docs.
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17703 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
USE_I18N/USE_L10N and the concepts of internationalization/localisation. Re
moved some duplicate content.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17026 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
about newly added Trac abilities. Many thanks to Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16284 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
everyone who added their advice, feedback, and wisdom to the wiki article while constructing this new guide.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15645 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Thanks, Ramiro Morales.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13608 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Morales.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12440 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
for supporting external authentication solutions. Thanks to all who contributed to this patch, including Ian Holsman, garthk, Koen Biermans, Marc Fargas, ekarulf, and Ramiro Morales.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10063 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
originally written by Leo Soto, and then cleaned up a bit by me.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8582 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
http://docs.djangoproject.com/.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8506 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|