summaryrefslogtreecommitdiff
path: root/tests/check_framework/test_security.py
AgeCommit message (Collapse)Author
2022-02-21Refs #33526 -- Made ↵Mariusz Felisiak
CSRF_COOKIE_SECURE/SESSION_COOKIE_SECURE/SESSION_COOKIE_HTTPONLY don't pass on truthy values.
2022-02-07Refs #33476 -- Refactored code to strictly match 88 characters line length.Mariusz Felisiak
2022-02-07Refs #33476 -- Reformatted code with Black.django-bot
2022-02-01Fixed #30360 -- Added support for secret key rotation.tschilling
Thanks Florian Apolloner for the implementation idea. Co-authored-by: Andreas Pelme <andreas@pelme.se> Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
2021-03-30Fixed #31840 -- Added support for Cross-Origin Opener Policy header.bankc
Thanks Adam Johnson and Tim Graham for the reviews. Co-authored-by: Tim Graham <timograham@gmail.com>
2021-01-12Refs #32311 -- Fixed CSRF_FAILURE_VIEW system check errors code.Hasan Ramezani
2021-01-12Fixed #32311 -- Added system check for CSRF_FAILURE_VIEW setting.Hasan Ramezani
2020-11-11Fixed #31757 -- Adjusted system check for SECRET_KEY to warn about ↵Artem Kosenko
autogenerated default keys. Thanks Nick Pope, René Fleschenberg, and Carlton Gibson for reviews.
2020-03-21Normalized check framework test pattern.Adam Johnson
2019-09-09Fixed #29406 -- Added support for Referrer-Policy header.Nick Pope
Thanks to James Bennett for the initial implementation.
2019-08-05Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER ↵Adnan Umer
setting.
2018-03-16Fixed hanging indentation in various code.Mariusz Felisiak
2017-12-28Removed unnecessary trailing commas and spaces in various code.Mariusz Felisiak
2017-01-17Refs #26601 -- Removed support for old-style middleware using ↵Tim Graham
settings.MIDDLEWARE_CLASSES.
2016-12-19Fixed #27611 -- Doc'd that CSRF_COOKIE_HTTPONLY setting offers no security.Tim Graham
2016-12-17Refs #16859 -- Disabled CSRF_COOKIE_* checks when using CSRF_USE_SESSIONS.Raphael Michel
2016-08-10Refs #26947 -- Added a deployment system check for SECURE_HSTS_PRELOAD.Ed Morley
2016-05-17Fixed #26601 -- Improved middleware per DEP 0005.Florian Apolloner
Thanks Tim Graham for polishing the patch, updating the tests, and writing documentation. Thanks Carl Meyer for shepherding the DEP.
2015-12-03Fixed many spelling mistakes in code, comments, and docs.Josh Soref
2015-07-15Fixed #24966 -- Added deployment system check for empty ALLOWED_HOSTS.rroskam
2015-05-20Refs #24652 -- Used SimpleTestCase where appropriate.Simon Charette
2015-02-06Sorted imports with isort; refs #23860.Tim Graham
2014-09-12Fixed #17101 -- Integrated django-secure and added check --deploy optionTim Graham
Thanks Carl Meyer for django-secure and for reviewing. Thanks also to Zach Borboa, Erik Romijn, Collin Anderson, and Jorge Carleitao for reviews.