| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2023-02-01 | Refs #33476 -- Applied Black's 2023 stable style. | David Smith | |
| Black 23.1.0 is released which, as the first release of the year, introduces the 2023 stable style. This incorporates most of last year's preview style. https://github.com/psf/black/releases/tag/23.1.0 | |||
| 2022-02-07 | Refs #33476 -- Reformatted code with Black. | django-bot | |
| 2021-11-16 | Refs #32800 -- Avoided use of _does_token_match() in some CSRF tests. | Chris Jerdonek | |
| 2021-08-03 | Refs #32800 -- Renamed _compare_masked_tokens() to _does_token_match(). | Chris Jerdonek | |
| 2020-05-11 | Refs #30116 -- Simplified regex match group access with Match.__getitem__(). | Jon Dufresne | |
| The method has been available since Python 3.6. The shorter syntax is also marginally faster. | |||
| 2020-02-25 | Fixed #31291 -- Renamed salt to mask for CSRF tokens. | Ram Rachum | |
| 2020-02-18 | Refs #26601 -- Deprecated passing None as get_response arg to middleware ↵ | Claude Paroz | |
| classes. This is the new contract since middleware refactoring in Django 1.10. Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2018-01-21 | Fixed #29038 -- Removed closing slash from HTML void tags. | Jon Dufresne | |
| 2017-02-03 | Fixed spelling of "nonexistent". | Tim Graham | |
| 2017-01-25 | Refs #23919 -- Replaced super(ClassName, self) with super(). | chillaranand | |
| 2017-01-18 | Refs #23919 -- Removed encoding preambles and future imports | Claude Paroz | |
| 2016-05-19 | Fixed #20869 -- made CSRF tokens change every request by salt-encrypting them | Shai Berger | |
| Note that the cookie is not changed every request, just the token retrieved by the `get_token()` method (used also by the `{% csrf_token %}` tag). While at it, made token validation strict: Where, before, any length was accepted and non-ASCII chars were ignored, we now treat anything other than `[A-Za-z0-9]{64}` as invalid (except for 32-char tokens, which, for backwards-compatibility, are accepted and replaced by 64-char ones). Thanks Trac user patrys for reporting, github user adambrenecki for initial patch, Tim Graham for help, and Curtis Maloney, Collin Anderson, Florian Apolloner, Markus Holtermann & Jon Dufresne for reviews. | |||
| 2015-05-20 | Refs #24652 -- Made sure template backend tests call their super setUpClass. | Simon Charette | |
| 2015-05-06 | Fixed #24119, #24120 -- Formalized debug integration for template backends. | Preston Timmons | |
| 2015-03-18 | Refs #24469 -- Fixed escaping of forms, fields, and media in non-Django ↵ | Moritz Sichert | |
| templates. | |||
| 2015-01-12 | Rewrapped TemplateSyntaxError in Jinja2 backend. | Aymeric Augustin | |
| Changed import style to avoid confusion between Django's and Jinja2's APIs. | |||
| 2014-12-28 | Added basic tests for template backends. | Aymeric Augustin | |
