index
:
chango.git
devmain
fix-31295
initial-branch
main
stable/5.2.x
stable/6.0.x
django
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
docs
/
ref
/
csrf.txt
Age
Commit message (
Expand
)
Author
2019-03-28
[2.2.x] Fixed #30299 -- Removed jQuery dependency from getCookie() in CSRF docs.
Tim Graham
2018-11-15
Used auto-numbered lists in documentation.
François Freitag
2018-10-25
Fixed #29879 -- Added CSRF_COOKIE_HTTPONLY to CSRF AJAX docs.
Mayank Singhal
2018-10-18
Fixed #29858 -- Clarified docs regarding CSRF token header name.
Tim Graham
2018-07-18
Removed duplicate words in docs.
Maxime Lorant
2018-05-12
Alphabetized imports in various docs.
Mariusz Felisiak
2018-05-02
Fixed #29375 -- Removed empty action attribute on HTML forms.
CHI Cheng
2018-04-13
Fixed #27863 -- Added support for the SameSite cookie flag.
Alex Gaynor
2017-09-22
Removed versionadded/changed annotations for 1.11.
Tim Graham
2017-06-22
Refs #16870 -- Doc'd that CSRF protection requires the Referer header.
Flávio Juvenal
2017-05-22
Updated various links in docs to avoid redirects
Claude Paroz
2017-01-20
Refs #16859 -- Updated CSRF FAQ to mention CSRF_USE_SESSIONS setting.
Alasdair Nicol
2017-01-17
Removed versionadded/changed annotations for 1.10.
Tim Graham
2016-11-30
Refs #16859 -- Allowed storing CSRF tokens in sessions.
Raphael Michel
2016-06-28
Used strict comparison in docs/ref/csrf.txt's JavaScript.
Camilo Nova
2016-06-04
Fixed #26628 -- Changed CSRF logger to django.security.csrf.
Holly Becker
2016-06-03
Fixed #26596 -- Added Jinja2 {{ csrf_input }} documentation.
B. J. Potter
2016-06-03
Added syntax highlighting to CSRF example.
B. J. Potter
2016-06-02
Refs #26628 -- Documented CSRF failure logging.
Holly Becker
2016-05-20
Removed versionadded/changed annotations for 1.9.
Tim Graham
2016-05-19
Fixed #20869 -- made CSRF tokens change every request by salt-encrypting them
Shai Berger
2016-05-17
Fixed #26601 -- Improved middleware per DEP 0005.
Florian Apolloner
2016-05-03
Fixed #26567 -- Updated references to obsolete RFC2616.
Vasiliy Faronov
2016-04-05
Fixed #26201 -- Documented the consequences of rotating the CSRF token on login.
Vaclav Ehrlich
2016-03-01
Fixed #26165 -- Added some FAQs about CSRF protection.
acemaster
2016-02-09
Fixed #26181 -- Corrected AngularJS CSRF example.
userimack
2016-01-21
Changed `action="."` to `action=""` in tests and docs.
Luke Plant
2016-01-15
Added docs about configuring CSRF support in AngularJS.
Danilo Bargen
2015-12-23
Fixed #25969 -- Replaced render_to_response() with render() in docs examples.
Tim Graham
2015-12-01
Fixed #25778 -- Updated docs links to use https when available.
Jon Dufresne
2015-11-16
Fixed #25755 -- Unified spelling of "website".
Agnieszka Lasyk
2015-09-16
Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN.
Matt Robenolt
2015-09-05
Fixed #25334 -- Provided a way to allow cross-origin unsafe requests over HTTPS.
Joshua Kehn
2015-08-19
Recommended the JavaScript Cookie library instead of jQuery cookie.
Marc
2015-05-01
Updated capitalization in the word "JavaScript" for consistency
Dave Hodder
2015-03-05
Fixed #21495 -- Added settings.CSRF_HEADER_NAME
Grzegorz Slusarek
2014-12-28
Deprecated TEMPLATE_CONTEXT_PROCESSORS.
Aymeric Augustin
2014-12-28
Moved context_processors from django.core to django.template.
Aymeric Augustin
2014-11-15
Fixed #23825 -- Added links for decorating class-based views to the CSRF docs.
Fabio Natali
2014-11-03
Moved CSRF docs out of contrib.
Thomas Chaumeny