| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2019-11-28 | [3.0.x] Fixed #31029 -- Used more specific links to RFCs. | Baptiste Mispelon | |
| Backport of ff1b19da6761217ed1b14cc7e94c6438903565d8 from master | |||
| 2019-11-06 | [3.0.x] Added a link to the file email backend from EMAIL_FILE_PATH setting. | Jon Dufresne | |
| Backport of c8debd50617142937191986aec77a5eee472c28e from master | |||
| 2019-10-11 | [3.0.x] Clarified that SECURE_REDIRECT_EXEMPT patterns should not include ↵ | René Fleschenberg | |
| leading slashes. Backport of d232fd76a85870daf345fd8f8d617fe7802ae194 from master | |||
| 2019-09-13 | [3.0.x] Fixed typos in docs/ref/settings.txt. | Ben Falk | |
| Backport of 4056558a1c9cf650ab6e7cb1a319206d2e8c770f from master | |||
| 2019-09-09 | Fixed #29406 -- Added support for Referrer-Policy header. | Nick Pope | |
| Thanks to James Bennett for the initial implementation. | |||
| 2019-09-09 | Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY. | Claude Paroz | |
| 2019-09-06 | Fixed #30573 -- Rephrased documentation to avoid words that minimise the ↵ | Tobias Kunze | |
| involved difficulty. This patch does not remove all occurrences of the words in question. Rather, I went through all of the occurrences of the words listed below, and judged if they a) suggested the reader had some kind of knowledge/experience, and b) if they added anything of value (including tone of voice, etc). I left most of the words alone. I looked at the following words: - simply/simple - easy/easier/easiest - obvious - just - merely - straightforward - ridiculous Thanks to Carlton Gibson for guidance on how to approach this issue, and to Tim Bell for providing the idea. But the enormous lion's share of thanks go to Adam Johnson for his patient and helpful review. | |||
| 2019-08-18 | Refs #30426 -- Changed default SECURE_CONTENT_TYPE_NOSNIFF to True. | Claude Paroz | |
| 2019-08-05 | Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER ↵ | Adnan Umer | |
| setting. | |||
| 2019-07-01 | Fixed CVE-2019-12781 -- Made HttpRequest always trust ↵ | Carlton Gibson | |
| SECURE_PROXY_SSL_HEADER if set. An HTTP request would not be redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if the proxy connected to Django via HTTPS. HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if set, rather than falling back to the request scheme when the SECURE_PROXY_SSL_HEADER did not have the secure value. Thanks to Gavin Wahl for the report and initial patch suggestion, and Shai Berger for review. | |||
| 2019-06-11 | Changed charset and collation link to MySQL docs. | Mykola Nicholas | |
| 2019-05-27 | Refs #29548 -- Updated docs for MariaDB support. | Mariusz Felisiak | |
| 2019-04-24 | Fixes #30342 -- Removed a system check for LANGUAGES_BIDI setting. | Matthias Kestenholz | |
| This partly reverts commit 4400d8296d268f5a8523cd02ddc33b12219b2535. | |||
| 2019-04-08 | Fixed #30304 -- Added support for the HttpOnly, SameSite, and Secure flags ↵ | Ran Benita | |
| on language cookies. | |||
| 2019-04-02 | Fixed typo in docs/ref/settings.txt. | Mariusz Felisiak | |
| 2019-03-29 | Removed unnecessary /static from links to PostgreSQL docs. | Nick Pope | |
| 2019-03-28 | Moved extlinks in docs config to allow using 'version' variable. | Tim Graham | |
| After a stable branch is created, 'master' will change to 'stable/' + version + '.x'. | |||
| 2019-03-28 | Used extlinks for Django's source code. | Tim Graham | |
| 2019-03-28 | Refs #1660 -- Doc'd the LANGUAGES_BIDI setting. | Nick Pope | |
| 2019-03-27 | Updated spelling and RFCs in HttpOnly cookie flag docs. | Nick Pope | |
| 2019-02-08 | Fixed #30004 -- Changed default FILE_UPLOAD_PERMISSION to 0o644. | Himanshu Lakhara | |
| 2019-02-06 | Refs #27753 -- Favored force/smart_str() over force/smart_text(). | Aymeric Augustin | |
| 2019-02-05 | Simplified and corrected LOGIN_URL, LOGIN_REDIRECT_URL, and ↵ | Tim Graham | |
| LOGOUT_REDIRECT_URL docs. | |||
| 2019-01-30 | Fixed #30091 -- Doc'd middleware ordering requirements with CSRF_USE_SESSIONS. | Carlton Gibson | |
| 2019-01-17 | Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline. | Tim Graham | |
| 2019-01-17 | Removed versionadded/changed annotations for 2.1. | Tim Graham | |
| 2018-12-05 | Reverted "Fixed #25251 -- Made data migrations available in ↵ | Tim Graham | |
| TransactionTestCase when using --keepdb." This reverts commits b3b1d3d45fc066367f4fcacf0b06f72fcd00a9c6 and 9fa0d3786febf36c87ef059a39115aa1ce3326e8 due to reverse build failures for which a solution isn't forthcoming. | |||
| 2018-11-13 | Fixed #29788 -- Added support for Oracle Managed File (OMF) tablespaces. | Mariusz Felisiak | |
| 2018-11-06 | Fixed #25251 -- Made data migrations available in TransactionTestCase when ↵ | romgar | |
| using --keepdb. Data loaded in migrations were restored at the beginning of each TransactionTestCase and all the tables are truncated at the end of these test cases. If there was a TransactionTestCase at the end of the test suite, the migrated data weren't restored in the database (especially unexpected when using --keepdb). Now data is restored at the end of each TransactionTestCase. | |||
| 2018-10-25 | Fixed #29879 -- Added CSRF_COOKIE_HTTPONLY to CSRF AJAX docs. | Mayank Singhal | |
| 2018-10-15 | Fixed #29817 -- Deprecated settings.FILE_CHARSET. | Jon Dufresne | |
| 2018-10-04 | Improved tone in docs/ref/settings.txt. | Kate Berry | |
| 2018-09-26 | Refs #29784 -- Switched to https:// links where available. | Jon Dufresne | |
| 2018-09-25 | Normalized spelling of "lowercase" and "lowercased". | Jon Dufresne | |
| 2018-06-10 | Prevented unexpected link in settings docs | Claude Paroz | |
| 2018-05-26 | Reverted "Fixed #29324 -- Made Settings raise ImproperlyConfigured if ↵ | Tim Graham | |
| SECRET_KEY is accessed and not set." This reverts commit b3cffde5559c4fa97625512d7ec41a674be26076 due to a regression and performance concerns. | |||
| 2018-05-17 | Removed versionadded/changed annotations for 2.0. | Tim Graham | |
| 2018-04-17 | Fixed #29324 -- Made Settings raise ImproperlyConfigured if SECRET_KEY is ↵ | Jon Dufresne | |
| accessed and not set. | |||
| 2018-04-13 | Fixed #27863 -- Added support for the SameSite cookie flag. | Alex Gaynor | |
| Thanks Alex Gaynor for contributing to the patch. | |||
| 2018-02-26 | Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS. | Tim Graham | |
| 2018-01-24 | Fixed #28403 -- Added missing formats in FORMAT_MODULE_PATH docs. | Ashaba | |
| 2017-11-21 | Clarified who the AdminEmailHandler emails. | Frédéric Massart | |
| 2017-11-06 | Fixed #28776 -- Fixed a/an/and typos in docs and comments. | Дилян Палаузов | |
| 2017-11-01 | Fixed #28741 -- Removed unnecessary leading dot from cross-domain cookie ↵ | Tim Graham | |
| examples. | |||
| 2017-10-12 | Refs #28248 -- Clarified the precision of PASSWORD_RESET_TIMEOUT_DAYS. | Tim Graham | |
| 2017-09-28 | Fixed #28625 -- Distinguished DATABASES['TIME_ZONE'] from settings.TIME_ZONE. | Jon Ribbens | |
| 2017-09-22 | Removed versionadded/changed annotations for 1.11. | Tim Graham | |
| 2017-09-22 | Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline. | Tim Graham | |
| 2017-07-25 | Fixed #28435 -- Removed inaccurate warning about SECURE_HSTS_PRELOAD. | Tim Graham | |
| 2017-06-27 | Fixed #28336 -- Fixed typo in docs/ref/settings.txt. | Laura | |
