| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2022-10-31 | Used more augmented assignment statements. | Nick Pope | |
| Identified using the following command: $ git grep -I '\(\<[_a-zA-Z0-9]\+\>\) *= *\1 *[-+/*^%&|<>@]' | |||
| 2022-02-07 | Refs #33476 -- Reformatted code with Black. | django-bot | |
| 2021-04-30 | Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting. | Tim Graham | |
| 2021-03-30 | Fixed #31840 -- Added support for Cross-Origin Opener Policy header. | bankc | |
| Thanks Adam Johnson and Tim Graham for the reviews. Co-authored-by: Tim Graham <timograham@gmail.com> | |||
| 2021-01-14 | Refs #26601 -- Made get_response argument required and don't accept None in ↵ | Mariusz Felisiak | |
| middleware classes. Per deprecation timeline. | |||
| 2020-09-14 | Fixed #31789 -- Added a new headers interface to HttpResponse. | Tom Carrick | |
| 2020-08-28 | Fixed #31928 -- Fixed detecting an async get_response in various middlewares. | Kevin Michel | |
| SecurityMiddleware and the three cache middlewares were not calling super().__init__() during their initialization or calling the required MiddlewareMixin._async_check() method. This made the middlewares not properly present as coroutine and confused the middleware chain when used in a fully async context. Thanks Kordian Kowalski for the report. | |||
| 2020-02-18 | Refs #26601 -- Deprecated passing None as get_response arg to middleware ↵ | Claude Paroz | |
| classes. This is the new contract since middleware refactoring in Django 1.10. Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com> | |||
| 2019-09-09 | Fixed #29406 -- Added support for Referrer-Policy header. | Nick Pope | |
| Thanks to James Bennett for the initial implementation. | |||
| 2018-10-30 | Capitalized SecurityMiddleware headers for consistency with other headers. | Artur Juraszek | |
| (No behavior change since HTTP headers are case insensitive.) | |||
| 2017-11-14 | Fixed #28795 -- Removed 'not in' checks and used dict.setdefault(). | Дилян Палаузов | |
| 2016-08-10 | Fixed #26947 -- Added an option to enable the HSTS header preload directive. | Ed Morley | |
| 2016-05-17 | Fixed #26601 -- Improved middleware per DEP 0005. | Florian Apolloner | |
| Thanks Tim Graham for polishing the patch, updating the tests, and writing documentation. Thanks Carl Meyer for shepherding the DEP. | |||
| 2014-09-12 | Fixed #17101 -- Integrated django-secure and added check --deploy option | Tim Graham | |
| Thanks Carl Meyer for django-secure and for reviewing. Thanks also to Zach Borboa, Erik Romijn, Collin Anderson, and Jorge Carleitao for reviews. | |||
 |
index : django.git | |
| django |
| summaryrefslogtreecommitdiff |