summaryrefslogtreecommitdiff
path: root/tests/middleware/test_csp.py
AgeCommit message (Collapse)Author
2026-05-20Refs #36825 -- Fixed regression in CSPSeleniumTestCase.Johannes Maron
The CSP report test relied on the debug view having a CSP error, which has been fixed in 3e4e0db. This commit added a custom view to reintroduce the same error to verify the reporting behavior. Follow-up to 3e4e0db66961a48a080ff3ff91f6c0d954261366.
2026-01-09Refs #35875 -- Added dark mode support in additional views.mbcodes
Thanks Thibaud Colas for the review.
2025-08-28Fixed #36532 -- Added Content Security Policy view decorators to override or ↵Rob Hudson
disable policies. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-08-26Refs #15727 -- Captured failed request log in CSPMiddlewareTest.Jacob Walls
2025-07-23Refs #36500 -- Rewrapped long docstrings and block comments via a script.django-bot
Rewrapped long docstrings and block comments to 79 characters + newline using script from https://github.com/medmunds/autofix-w505.
2025-06-27Fixed #15727 -- Added Content Security Policy (CSP) support.Rob Hudson
This initial work adds a pair of settings to configure specific CSP directives for enforcing or reporting policy violations, a new `django.middleware.csp.ContentSecurityPolicyMiddleware` to apply the appropriate headers to responses, and a context processor to support CSP nonces in templates for safely inlining assets. Relevant documentation has been added for the 6.0 release notes, security overview, a new how-to page, and a dedicated reference section. Thanks to the multiple reviewers for their precise and valuable feedback. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>