Fixed #26947 -- Added an option to enable the HSTS header preload directive.

2025-11-07 07:15:35 +00:00 · 2016-07-28 17:48:07 +01:00
parent c412aaca73
commit 3c2447dd13
7 changed files with 67 additions and 4 deletions
--- a/docs/releases/1.11.txt
+++ b/docs/releases/1.11.txt
@@ -229,6 +229,9 @@ Requests and Responses
 * :class:`~django.middleware.common.CommonMiddleware` now sets the
  ``Content-Length`` response header for non-streaming responses.

+* Added the :setting:`SECURE_HSTS_PRELOAD` setting to allow appending the
+  ``preload`` directive to the ``Strict-Transport-Security`` header.
+
 Serialization
 ~~~~~~~~~~~~~