summaryrefslogtreecommitdiff
path: root/docs/topics/security.txt
AgeCommit message (Expand)Author
2017-11-01Described how querysets are protected from SQL injection in more detail.Tim Graham
2016-08-10Fixed #26947 -- Added an option to enable the HSTS header preload directive.Ed Morley
2016-05-19Fixed #20869 -- made CSRF tokens change every request by salt-encrypting themShai Berger
2016-04-09Refs #26464 -- Added a link to OWASP Top 10 in security topic guide.Tim Graham
2016-04-04Removed a reference to Django 1.3.1 in docs.Tim Graham
2016-02-11Fixed #26206 -- Fixed docs comments causing empty code blocks.Tim Graham
2016-01-25Fixed Sphinx highlight warnings in docs.Tim Graham
2015-12-21Removed a misleading comment about HTTPS.Alex Gaynor
2015-12-01Fixed #25778 -- Updated docs links to use https when available.Jon Dufresne
2015-11-16Fixed #25755 -- Unified spelling of "website".Agnieszka Lasyk
2015-09-04Added links to new security settings introduced in 1.8.David Sanders
2015-08-08Updated various links in docsClaude Paroz
2015-08-08Updated Wikipedia links to use httpsClaude Paroz
2015-08-05Fixed #25212 -- Documented the RawSQL expression.Tim Graham
2014-09-26Fixed #23561 -- Corrected a security doc example that requires an unquoted HT...Carl Meyer
2014-08-18Fixed some doc errors that caused syntax highlighting to fail.Tim Graham
2014-04-25Fixed #22504 -- Corrected domain terminology in security guide.Tim Graham
2014-04-25Fixed #22493 - Added warnings to raw() and extra() docs about SQL injectionMoayad Mardini
2014-03-21Removed PIL compatability layer per deprecation timeline.Tim Graham
2013-11-27Added a warning regarding risks in serving user uploaded media.Tim Graham
2013-10-18Added a warning regarding session security and subdomains.Tim Graham
2013-04-29Fixed #20330 -- Normalized spelling of "web server".Aymeric Augustin
2013-02-19Added a new required ALLOWED_HOSTS setting for HTTP host header validation.Carl Meyer
2012-12-29Removed django.contrib.markup.Aymeric Augustin
2012-12-26Fixed broken links, round 3. refs #19516Tim Graham
2012-12-10Fixed a security issue in get_host.Florian Apolloner
2012-09-06Formatting fix for host headers sectionDavid Fischer
2012-09-06Added CSRF with HTTPS/HSTS and forwarding noteDavid Fischer
2012-09-06Added note about Strict Transport Security (HSTS)David Fischer
2012-06-04Rewrote security.txt SSL docs, noting SECURE_PROXY_SSL_HEADER.Luke Plant
2012-04-19Added more explicit warnings about unconfigured reStructured Text usage in docs.Luke Plant
2011-12-17Quick edit of docs/topics/security.txt to catch some basic formatting problem...Adrian Holovaty
2011-09-10Added protection against spoofing of X_FORWARDED_HOST headers. A security ann...Russell Keith-Magee
2011-07-29Fixes #16482 -- Fixes typo in security docs. Thanks, charettes.Jannis Leidel
2011-07-17Grammar fixes and content tweaks to XSS section of security docs.Luke Plant
2011-07-06Improved warning about file uploads in docs, and added link from security ove...Luke Plant
2011-06-14Fixed #16248 -- Corrected a few typos in the security docs. Thanks, buddelkiste.Jannis Leidel
2011-06-10Fixed #14201 - Add a "security overview" page to the docsLuke Plant
generated by cgit v1.3 (git 2.53.0) at 2026-05-02 02:18:44 +0000