| Age | Commit message (Expand) | Author |
|---|---|---|
| 2015-12-01 | [1.9.x] Fixed #25778 -- Updated docs links to use https when available. | Jon Dufresne |
| 2015-11-16 | [1.9.x] Fixed #25755 -- Unified spelling of "website". | Agnieszka Lasyk |
| 2015-09-16 | Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN. | Matt Robenolt |
| 2015-09-05 | Fixed #25334 -- Provided a way to allow cross-origin unsafe requests over HTTPS. | Joshua Kehn |
| 2015-08-19 | Recommended the JavaScript Cookie library instead of jQuery cookie. | Marc |
| 2015-05-01 | Updated capitalization in the word "JavaScript" for consistency | Dave Hodder |
| 2015-03-05 | Fixed #21495 -- Added settings.CSRF_HEADER_NAME | Grzegorz Slusarek |
| 2014-12-28 | Deprecated TEMPLATE_CONTEXT_PROCESSORS. | Aymeric Augustin |
| 2014-12-28 | Moved context_processors from django.core to django.template. | Aymeric Augustin |
| 2014-11-15 | Fixed #23825 -- Added links for decorating class-based views to the CSRF docs. | Fabio Natali |
| 2014-11-03 | Moved CSRF docs out of contrib. | Thomas Chaumeny |
