| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2025-08-28 | Fixed #36532 -- Added Content Security Policy view decorators to override or ↵ | Rob Hudson | |
| disable policies. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> | |||
| 2025-06-27 | Fixed #15727 -- Added Content Security Policy (CSP) support. | Rob Hudson | |
| This initial work adds a pair of settings to configure specific CSP directives for enforcing or reporting policy violations, a new `django.middleware.csp.ContentSecurityPolicyMiddleware` to apply the appropriate headers to responses, and a context processor to support CSP nonces in templates for safely inlining assets. Relevant documentation has been added for the 6.0 release notes, security overview, a new how-to page, and a dedicated reference section. Thanks to the multiple reviewers for their precise and valuable feedback. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> | |||
| 2022-02-07 | Refs #33476 -- Reformatted code with Black. | django-bot | |
| 2020-10-22 | Fixed #32124 -- Added per-view opt-out for APPEND_SLASH behavior. | Carlton Gibson | |
| 2019-02-09 | Removed default empty content argument from HttpResponse calls. | Jon Dufresne | |
| 2015-02-06 | Sorted imports with isort; refs #23860. | Tim Graham | |
| 2014-05-25 | Removed executeable bit from a few files. | Florian Apolloner | |
| 2014-04-23 | Fixed #21157 -- Fixed problems with ResolverMatch | Kevin Christopher Henry | |
| - Fixed bug in get_callable() that caused resolve() to put a string in ResolverMatch.func. - Made ResolverMatch.url_name match the actual url name (or None). - Updated tests that used the string value in ResolverMatch.func, and added regression tests for this bug. - Corrected test urls whose dummy view paths caused failures (behavior that was previously masked by this bug). | |||
 |
index : chango.git | |
| django |
| summaryrefslogtreecommitdiff |