summaryrefslogtreecommitdiff
path: root/docs/ref/csrf.txt
AgeCommit message (Expand)Author
2019-03-28[2.2.x] Fixed #30299 -- Removed jQuery dependency from getCookie() in CSRF docs.Tim Graham
2018-11-15Used auto-numbered lists in documentation.François Freitag
2018-10-25Fixed #29879 -- Added CSRF_COOKIE_HTTPONLY to CSRF AJAX docs.Mayank Singhal
2018-10-18Fixed #29858 -- Clarified docs regarding CSRF token header name.Tim Graham
2018-07-18Removed duplicate words in docs.Maxime Lorant
2018-05-12Alphabetized imports in various docs.Mariusz Felisiak
2018-05-02Fixed #29375 -- Removed empty action attribute on HTML forms.CHI Cheng
2018-04-13Fixed #27863 -- Added support for the SameSite cookie flag.Alex Gaynor
2017-09-22Removed versionadded/changed annotations for 1.11.Tim Graham
2017-06-22Refs #16870 -- Doc'd that CSRF protection requires the Referer header.Flávio Juvenal
2017-05-22Updated various links in docs to avoid redirectsClaude Paroz
2017-01-20Refs #16859 -- Updated CSRF FAQ to mention CSRF_USE_SESSIONS setting.Alasdair Nicol
2017-01-17Removed versionadded/changed annotations for 1.10.Tim Graham
2016-11-30Refs #16859 -- Allowed storing CSRF tokens in sessions.Raphael Michel
2016-06-28Used strict comparison in docs/ref/csrf.txt's JavaScript.Camilo Nova
2016-06-04Fixed #26628 -- Changed CSRF logger to django.security.csrf.Holly Becker
2016-06-03Fixed #26596 -- Added Jinja2 {{ csrf_input }} documentation.B. J. Potter
2016-06-03Added syntax highlighting to CSRF example.B. J. Potter
2016-06-02Refs #26628 -- Documented CSRF failure logging.Holly Becker
2016-05-20Removed versionadded/changed annotations for 1.9.Tim Graham
2016-05-19Fixed #20869 -- made CSRF tokens change every request by salt-encrypting themShai Berger
2016-05-17Fixed #26601 -- Improved middleware per DEP 0005.Florian Apolloner
2016-05-03Fixed #26567 -- Updated references to obsolete RFC2616.Vasiliy Faronov
2016-04-05Fixed #26201 -- Documented the consequences of rotating the CSRF token on login.Vaclav Ehrlich
2016-03-01Fixed #26165 -- Added some FAQs about CSRF protection.acemaster
2016-02-09Fixed #26181 -- Corrected AngularJS CSRF example.userimack
2016-01-21Changed `action="."` to `action=""` in tests and docs.Luke Plant
2016-01-15Added docs about configuring CSRF support in AngularJS.Danilo Bargen
2015-12-23Fixed #25969 -- Replaced render_to_response() with render() in docs examples.Tim Graham
2015-12-01Fixed #25778 -- Updated docs links to use https when available.Jon Dufresne
2015-11-16Fixed #25755 -- Unified spelling of "website".Agnieszka Lasyk
2015-09-16Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN.Matt Robenolt
2015-09-05Fixed #25334 -- Provided a way to allow cross-origin unsafe requests over HTTPS.Joshua Kehn
2015-08-19Recommended the JavaScript Cookie library instead of jQuery cookie.Marc
2015-05-01Updated capitalization in the word "JavaScript" for consistencyDave Hodder
2015-03-05Fixed #21495 -- Added settings.CSRF_HEADER_NAMEGrzegorz Slusarek
2014-12-28Deprecated TEMPLATE_CONTEXT_PROCESSORS.Aymeric Augustin
2014-12-28Moved context_processors from django.core to django.template.Aymeric Augustin
2014-11-15Fixed #23825 -- Added links for decorating class-based views to the CSRF docs.Fabio Natali
2014-11-03Moved CSRF docs out of contrib.Thomas Chaumeny