| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2024-01-26 | Applied Black's 2024 stable style. | Mariusz Felisiak | |
| https://github.com/psf/black/releases/tag/24.1.0 | |||
| 2023-07-11 | Refs #34695 -- Added tests for check for CSRF_FAILURE_VIEW signature with ↵ | Mariusz Felisiak | |
| valid class-based view. | |||
| 2022-02-21 | Refs #33526 -- Made ↵ | Mariusz Felisiak | |
| CSRF_COOKIE_SECURE/SESSION_COOKIE_SECURE/SESSION_COOKIE_HTTPONLY don't pass on truthy values. | |||
| 2022-02-07 | Refs #33476 -- Refactored code to strictly match 88 characters line length. | Mariusz Felisiak | |
| 2022-02-07 | Refs #33476 -- Reformatted code with Black. | django-bot | |
| 2022-02-01 | Fixed #30360 -- Added support for secret key rotation. | tschilling | |
| Thanks Florian Apolloner for the implementation idea. Co-authored-by: Andreas Pelme <andreas@pelme.se> Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com> | |||
| 2021-03-30 | Fixed #31840 -- Added support for Cross-Origin Opener Policy header. | bankc | |
| Thanks Adam Johnson and Tim Graham for the reviews. Co-authored-by: Tim Graham <timograham@gmail.com> | |||
| 2021-01-12 | Refs #32311 -- Fixed CSRF_FAILURE_VIEW system check errors code. | Hasan Ramezani | |
| 2021-01-12 | Fixed #32311 -- Added system check for CSRF_FAILURE_VIEW setting. | Hasan Ramezani | |
| 2020-11-11 | Fixed #31757 -- Adjusted system check for SECRET_KEY to warn about ↵ | Artem Kosenko | |
| autogenerated default keys. Thanks Nick Pope, René Fleschenberg, and Carlton Gibson for reviews. | |||
| 2020-03-21 | Normalized check framework test pattern. | Adam Johnson | |
| 2019-09-09 | Fixed #29406 -- Added support for Referrer-Policy header. | Nick Pope | |
| Thanks to James Bennett for the initial implementation. | |||
| 2019-08-05 | Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER ↵ | Adnan Umer | |
| setting. | |||
| 2018-03-16 | Fixed hanging indentation in various code. | Mariusz Felisiak | |
| 2017-12-28 | Removed unnecessary trailing commas and spaces in various code. | Mariusz Felisiak | |
| 2017-01-17 | Refs #26601 -- Removed support for old-style middleware using ↵ | Tim Graham | |
| settings.MIDDLEWARE_CLASSES. | |||
| 2016-12-19 | Fixed #27611 -- Doc'd that CSRF_COOKIE_HTTPONLY setting offers no security. | Tim Graham | |
| 2016-12-17 | Refs #16859 -- Disabled CSRF_COOKIE_* checks when using CSRF_USE_SESSIONS. | Raphael Michel | |
| 2016-08-10 | Refs #26947 -- Added a deployment system check for SECURE_HSTS_PRELOAD. | Ed Morley | |
| 2016-05-17 | Fixed #26601 -- Improved middleware per DEP 0005. | Florian Apolloner | |
| Thanks Tim Graham for polishing the patch, updating the tests, and writing documentation. Thanks Carl Meyer for shepherding the DEP. | |||
| 2015-12-03 | Fixed many spelling mistakes in code, comments, and docs. | Josh Soref | |
| 2015-07-15 | Fixed #24966 -- Added deployment system check for empty ALLOWED_HOSTS. | rroskam | |
| 2015-05-20 | Refs #24652 -- Used SimpleTestCase where appropriate. | Simon Charette | |
| 2015-02-06 | Sorted imports with isort; refs #23860. | Tim Graham | |
| 2014-09-12 | Fixed #17101 -- Integrated django-secure and added check --deploy option | Tim Graham | |
| Thanks Carl Meyer for django-secure and for reviewing. Thanks also to Zach Borboa, Erik Romijn, Collin Anderson, and Jorge Carleitao for reviews. | |||
