summaryrefslogtreecommitdiff
path: root/django/middleware
AgeCommit message (Expand)Author
2025-10-21Fixed #36656 -- Avoided truncating async streaming responses in GZipMiddleware.Adam Johnson
2025-09-15Renamed local variables in CsrfViewMiddleware._origin_verified() for clarity.Klaas van Schelven
2025-09-03Refs #34989 -- Ensured the Content-Length header is set when redirect with AP...Ronan LE HAY
2025-08-28Fixed #36532 -- Added Content Security Policy view decorators to override or ...Rob Hudson
2025-08-27Fixed #36572 -- Revert "Fixed #36546 -- Deprecated django.utils.crypto.consta...Sarah Boyce
2025-08-25Fixed #36546 -- Deprecated django.utils.crypto.constant_time_compare() in fav...SaJH
2025-08-21Fixed #36560 -- Prevented UpdateCacheMiddleware from caching responses with C...mengxun
2025-07-24Fixed typo in django/middleware/gzip.py.Mohamed Amine Mahmoud
2025-07-23Refs #36500 -- Rewrapped long docstrings and block comments via a script.django-bot
2025-07-23Removed double spaces after periods and within phrases.Sarah Boyce
2025-06-27Fixed #15727 -- Added Content Security Policy (CSP) support.Rob Hudson
2024-07-04Removed unneeded hyphens in "counterintuitive".Carlton Gibson
2024-05-29Fixed 35467 -- Replaced urlparse with urlsplit where appropriate.Jake Howard
2024-02-05Fixed #27225 -- Added "Age" header when fetching cached responses.Rinat Khabibiev
2024-01-26Applied Black's 2024 stable style.Mariusz Felisiak
2023-12-08Fixed #34742 -- Made CommonMiddleware raise APPEND_SLASH RuntimeError on DELE...Avaneesh Kumar
2023-05-02Fixed #34515 -- Made LocaleMiddleware prefer language from paths when i18n pa...Mariusz Felisiak
2023-01-17Refs #32800 -- Removed CSRF_COOKIE_MASKED transitional setting per deprecatio...Mariusz Felisiak
2022-12-22Fixed #33735 -- Added async support to StreamingHttpResponse.Carlton Gibson
2022-12-17Fixed #34170 -- Implemented Heal The Breach (HTB) in GzipMiddleware.Andreas Pelme
2022-11-14Fixed #34074 -- Added headers argument to RequestFactory and Client classes.David Wobrock
2022-11-10Updated documentation and comments for RFC updates.Nick Pope
2022-10-31Used more augmented assignment statements.Nick Pope
2022-10-13Fixed #34069 -- Made LocaleMiddleware respect language from requests when i18...Sergio
2022-06-02Fixed #33700 -- Skipped extra resolution for successful requests not ending w...Anders Kaseorg
2022-04-29Refs #30426 -- Updated XFrameOptionsMiddleware docstring.Clemens Wolff
2022-02-07Refs #33476 -- Reformatted code with Black.django-bot
2021-11-29Refs #32800 -- Renamed _sanitize_token() to _check_token_format().Chris Jerdonek
2021-11-29Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret.Chris Jerdonek
2021-11-03Fixed #33252 -- Made cache middlewares thread-safe.Iuri de Silvio
2021-09-01Fixed #32768 -- Added Vary header when redirecting to prefixed i18n pattern.Alex Hayward
2021-08-17Refs #32800 -- Added _add_new_csrf_cookie() helper function.Chris Jerdonek
2021-08-17Refs #32800 -- Renamed _set_token() to _set_csrf_cookie().Chris Jerdonek
2021-08-03Refs #32800 -- Renamed _compare_masked_tokens() to _does_token_match().Chris Jerdonek
2021-07-29Refs #32916 -- Replaced request.csrf_cookie_needs_reset with request.META['CS...Chris Jerdonek
2021-07-29Fixed #32916 -- Combined request.META['CSRF_COOKIE_USED'] and request.csrf_co...Chris Jerdonek
2021-07-23Fixed #32329 -- Made CsrfViewMiddleware catch more specific UnreadablePostError.Virtosu Bogdan
2021-07-23Fixed #32902 -- Fixed CsrfViewMiddleware.process_response()'s cookie reset lo...Chris Jerdonek
2021-06-23Fixed #32817 -- Added the token source to CsrfViewMiddleware's bad token erro...Chris Jerdonek
2021-06-22Fixed #32842 -- Refactored out CsrfViewMiddleware._check_token().Chris Jerdonek
2021-06-12Fixed comment in CsrfViewMiddleware to say _reject instead of reject.Chris Jerdonek
2021-06-01Fixed #32796 -- Changed CsrfViewMiddleware to fail earlier on badly formatted...Chris Jerdonek
2021-05-31Fixed #32795 -- Changed CsrfViewMiddleware to fail earlier on badly formatted...Chris Jerdonek
2021-05-29Refs #32778 -- Improved the name of the regex object detecting invalid CSRF t...Chris Jerdonek
2021-05-28Refs #32596 -- Added early return on safe methods in CsrfViewMiddleware.proce...Chris Jerdonek
2021-05-28Refs #32596 -- Optimized CsrfViewMiddleware._check_referer() to delay computi...Chris Jerdonek
2021-05-28Fixed #32596 -- Added CsrfViewMiddleware._check_referer().Chris Jerdonek
2021-05-25Fixed #32778 -- Avoided unnecessary recompilation of token regex in _sanitize...abhiabhi94
2021-04-30Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.Tim Graham
2021-03-30Fixed #31840 -- Added support for Cross-Origin Opener Policy header.bankc
generated by cgit v1.3 (git 2.53.0) at 2026-05-01 19:10:08 +0000