summaryrefslogtreecommitdiff
path: root/docs/ref/settings.txt
AgeCommit message (Collapse)Author
2019-11-28[3.0.x] Fixed #31029 -- Used more specific links to RFCs.Baptiste Mispelon
Backport of ff1b19da6761217ed1b14cc7e94c6438903565d8 from master
2019-11-06[3.0.x] Added a link to the file email backend from EMAIL_FILE_PATH setting.Jon Dufresne
Backport of c8debd50617142937191986aec77a5eee472c28e from master
2019-10-11[3.0.x] Clarified that SECURE_REDIRECT_EXEMPT patterns should not include ↵René Fleschenberg
leading slashes. Backport of d232fd76a85870daf345fd8f8d617fe7802ae194 from master
2019-09-13[3.0.x] Fixed typos in docs/ref/settings.txt.Ben Falk
Backport of 4056558a1c9cf650ab6e7cb1a319206d2e8c770f from master
2019-09-09Fixed #29406 -- Added support for Referrer-Policy header.Nick Pope
Thanks to James Bennett for the initial implementation.
2019-09-09Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY.Claude Paroz
2019-09-06Fixed #30573 -- Rephrased documentation to avoid words that minimise the ↵Tobias Kunze
involved difficulty. This patch does not remove all occurrences of the words in question. Rather, I went through all of the occurrences of the words listed below, and judged if they a) suggested the reader had some kind of knowledge/experience, and b) if they added anything of value (including tone of voice, etc). I left most of the words alone. I looked at the following words: - simply/simple - easy/easier/easiest - obvious - just - merely - straightforward - ridiculous Thanks to Carlton Gibson for guidance on how to approach this issue, and to Tim Bell for providing the idea. But the enormous lion's share of thanks go to Adam Johnson for his patient and helpful review.
2019-08-18Refs #30426 -- Changed default SECURE_CONTENT_TYPE_NOSNIFF to True.Claude Paroz
2019-08-05Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER ↵Adnan Umer
setting.
2019-07-01Fixed CVE-2019-12781 -- Made HttpRequest always trust ↵Carlton Gibson
SECURE_PROXY_SSL_HEADER if set. An HTTP request would not be redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if the proxy connected to Django via HTTPS. HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if set, rather than falling back to the request scheme when the SECURE_PROXY_SSL_HEADER did not have the secure value. Thanks to Gavin Wahl for the report and initial patch suggestion, and Shai Berger for review.
2019-06-11Changed charset and collation link to MySQL docs.Mykola Nicholas
2019-05-27Refs #29548 -- Updated docs for MariaDB support.Mariusz Felisiak
2019-04-24Fixes #30342 -- Removed a system check for LANGUAGES_BIDI setting.Matthias Kestenholz
This partly reverts commit 4400d8296d268f5a8523cd02ddc33b12219b2535.
2019-04-08Fixed #30304 -- Added support for the HttpOnly, SameSite, and Secure flags ↵Ran Benita
on language cookies.
2019-04-02Fixed typo in docs/ref/settings.txt.Mariusz Felisiak
2019-03-29Removed unnecessary /static from links to PostgreSQL docs.Nick Pope
2019-03-28Moved extlinks in docs config to allow using 'version' variable.Tim Graham
After a stable branch is created, 'master' will change to 'stable/' + version + '.x'.
2019-03-28Used extlinks for Django's source code.Tim Graham
2019-03-28Refs #1660 -- Doc'd the LANGUAGES_BIDI setting.Nick Pope
2019-03-27Updated spelling and RFCs in HttpOnly cookie flag docs.Nick Pope
2019-02-08Fixed #30004 -- Changed default FILE_UPLOAD_PERMISSION to 0o644.Himanshu Lakhara
2019-02-06Refs #27753 -- Favored force/smart_str() over force/smart_text().Aymeric Augustin
2019-02-05Simplified and corrected LOGIN_URL, LOGIN_REDIRECT_URL, and ↵Tim Graham
LOGOUT_REDIRECT_URL docs.
2019-01-30Fixed #30091 -- Doc'd middleware ordering requirements with CSRF_USE_SESSIONS.Carlton Gibson
2019-01-17Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline.Tim Graham
2019-01-17Removed versionadded/changed annotations for 2.1.Tim Graham
2018-12-05Reverted "Fixed #25251 -- Made data migrations available in ↵Tim Graham
TransactionTestCase when using --keepdb." This reverts commits b3b1d3d45fc066367f4fcacf0b06f72fcd00a9c6 and 9fa0d3786febf36c87ef059a39115aa1ce3326e8 due to reverse build failures for which a solution isn't forthcoming.
2018-11-13Fixed #29788 -- Added support for Oracle Managed File (OMF) tablespaces.Mariusz Felisiak
2018-11-06Fixed #25251 -- Made data migrations available in TransactionTestCase when ↵romgar
using --keepdb. Data loaded in migrations were restored at the beginning of each TransactionTestCase and all the tables are truncated at the end of these test cases. If there was a TransactionTestCase at the end of the test suite, the migrated data weren't restored in the database (especially unexpected when using --keepdb). Now data is restored at the end of each TransactionTestCase.
2018-10-25Fixed #29879 -- Added CSRF_COOKIE_HTTPONLY to CSRF AJAX docs.Mayank Singhal
2018-10-15Fixed #29817 -- Deprecated settings.FILE_CHARSET.Jon Dufresne
2018-10-04Improved tone in docs/ref/settings.txt.Kate Berry
2018-09-26Refs #29784 -- Switched to https:// links where available.Jon Dufresne
2018-09-25Normalized spelling of "lowercase" and "lowercased".Jon Dufresne
2018-06-10Prevented unexpected link in settings docsClaude Paroz
2018-05-26Reverted "Fixed #29324 -- Made Settings raise ImproperlyConfigured if ↵Tim Graham
SECRET_KEY is accessed and not set." This reverts commit b3cffde5559c4fa97625512d7ec41a674be26076 due to a regression and performance concerns.
2018-05-17Removed versionadded/changed annotations for 2.0.Tim Graham
2018-04-17Fixed #29324 -- Made Settings raise ImproperlyConfigured if SECRET_KEY is ↵Jon Dufresne
accessed and not set.
2018-04-13Fixed #27863 -- Added support for the SameSite cookie flag.Alex Gaynor
Thanks Alex Gaynor for contributing to the patch.
2018-02-26Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS.Tim Graham
2018-01-24Fixed #28403 -- Added missing formats in FORMAT_MODULE_PATH docs.Ashaba
2017-11-21Clarified who the AdminEmailHandler emails.Frédéric Massart
2017-11-06Fixed #28776 -- Fixed a/an/and typos in docs and comments.Дилян Палаузов
2017-11-01Fixed #28741 -- Removed unnecessary leading dot from cross-domain cookie ↵Tim Graham
examples.
2017-10-12Refs #28248 -- Clarified the precision of PASSWORD_RESET_TIMEOUT_DAYS.Tim Graham
2017-09-28Fixed #28625 -- Distinguished DATABASES['TIME_ZONE'] from settings.TIME_ZONE.Jon Ribbens
2017-09-22Removed versionadded/changed annotations for 1.11.Tim Graham
2017-09-22Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline.Tim Graham
2017-07-25Fixed #28435 -- Removed inaccurate warning about SECURE_HSTS_PRELOAD.Tim Graham
2017-06-27Fixed #28336 -- Fixed typo in docs/ref/settings.txt.Laura