mirrors
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues 24 Releases Wiki Activity
33,061 Commits 28 Branches 423 Tags 681 MiB
Commit Graph

108 Commits

Author SHA1 Message Date
nessita 1feedc8ef8
Reindented attributes and methods for classes in docs/ref/middleware.txt. 2024-10-02 14:21:10 -03:00
Aditya Chaudhary efc3b0c627
Fixed #35670 -- Clarified the return value for LoginRequiredMiddleware's methods. 2024-10-02 13:15:21 -03:00
Adam Johnson 49815f70e4 Refs #31405 -- Improved LoginRequiredMiddleware documentation. 
co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
 2024-08-08 10:05:31 +02:00
lufafajoshua e2428292ab Fixed #35401 -- Documented the conditional_page() decorator. 2024-06-12 13:11:29 +02:00
lufafajoshua 708b01c795 Refs #35401 -- Linked the CsrfViewMiddleware docs to the csrf_protect() decorator. 2024-06-12 13:11:29 +02:00
Hisham Mahmood c7fc9f20b4 Fixed #31405 -- Added LoginRequiredMiddleware. 
Co-authored-by: Adam Johnson <me@adamj.eu>
Co-authored-by: Mehmet İnce <mehmet@mehmetince.net>
Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
 2024-05-22 08:51:17 +02:00
Mariusz Felisiak 295467c04a Removed versionadded/changed annotations for 4.2. 
This also removes remaining versionadded/changed annotations for older
versions.
 2023-09-18 22:12:40 +02:00
django-bot 14459f80ee Fixed #34140 -- Reformatted code blocks in docs with blacken-docs. 2023-03-01 13:03:56 +01:00
Andreas Pelme ab7a85ac29 Fixed #34170 -- Implemented Heal The Breach (HTB) in GzipMiddleware. 2022-12-17 08:46:37 +01:00
Mariusz Felisiak 514884e9a5
Updated various links to HTTPS and new locations. 2022-12-06 05:59:43 +01:00
Nick Pope 9bd174b9a7 Updated documentation and comments for RFC updates. 
- Updated references to RFC 1123 to RFC 5322
  - Only partial as RFC 5322 sort of sub-references RFC 1123.
- Updated references to RFC 2388 to RFC 7578
  - Except RFC 2388 Section 5.3 which has no equivalent.
- Updated references to RFC 2396 to RFC 3986
- Updated references to RFC 2616 to RFC 9110
- Updated references to RFC 3066 to RFC 5646
- Updated references to RFC 7230 to RFC 9112
- Updated references to RFC 7231 to RFC 9110
- Updated references to RFC 7232 to RFC 9110
- Updated references to RFC 7234 to RFC 9111
- Tidied up style of text when referring to RFC documents
 2022-11-10 13:52:17 +01:00
Carlton Gibson ca1c3151c3 Removed versionadded/changed annotations for 4.0. 2022-05-17 14:22:06 +02:00
tommcn 8e63390640 Corrected CSRF reference in middleware docs. 2022-03-17 06:03:10 +01:00
Mariusz Felisiak 97237ad3fe Removed versionadded/changed annotations for 3.2. 2021-09-20 21:23:01 +02:00
David Smith 1024b5e74a Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate. 2021-07-29 06:24:12 +02:00
Nick Pope c156e36955 Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS. 2021-05-17 09:46:09 +02:00
Tim Graham 54da6e2ac2 Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting. 2021-04-30 12:32:52 +02:00
bankc db5b75f10f Fixed #31840 -- Added support for Cross-Origin Opener Policy header. 
Thanks Adam Johnson and Tim Graham for the reviews.

Co-authored-by: Tim Graham <timograham@gmail.com>
 2021-03-30 19:59:24 +02:00
Carlton Gibson ad11f5b8c9 Fixed #32124 -- Added per-view opt-out for APPEND_SLASH behavior. 2020-10-22 14:15:19 +02:00
Mariusz Felisiak 4c5236ef93 Removed versionadded/changed annotations for 3.0. 2020-05-13 09:07:51 +02:00
Min ho Kim 103a6f4307 Fixed some typos in comments and docs. 
Thanks to Mads Jenson for review.
 2019-10-02 15:50:46 +02:00
Mar Sánchez f1d4a540b2 Refs #15396 -- Mentioned full path to GZipMiddleware in documentation. 2019-10-02 14:39:01 +02:00
Carlton Gibson 9446950470 Refs #28699 -- Clarified CSRF middleware ordering in relation to RemoteUserMiddleware. 2019-10-02 13:11:03 +02:00
Nick Pope 406dba04e1 Fixed #29406 -- Added support for Referrer-Policy header. 
Thanks to James Bennett for the initial implementation.
 2019-09-09 13:35:41 +02:00
Nick Pope fc62e16291 Standardized links for headers in security middleware documentation. 2019-09-09 13:35:17 +02:00
Mariusz Felisiak 5ab75adb90 Removed redundant object descriptions to prevent warnings with Sphinx 2.1.0. 2019-06-03 14:08:51 +02:00
Carlton Gibson bae66e759f Fixed #30091 -- Doc'd middleware ordering requirements with CSRF_USE_SESSIONS. 2019-01-30 11:02:26 -05:00
Daniel Musketa ca2856fb62 Fixed typo in docs/ref/middleware.txt. 2018-11-14 09:47:22 -05:00
Daniel Hepper a6fb5b1fe0 Remove documenation for non-existent middleware (#9998) 
The docs contained a reference to the class
django.middleware.exception.ExceptionMiddleware. This class was introduced in
05c888ffb8. It was removed in 7d1b69dbe7, but the documentation remained.
 2018-05-27 16:08:50 +02:00
Mariusz Felisiak 7c81b28ebc
Updated various links in docs to use HTTPS. 2018-01-07 14:28:41 +01:00
Tim Graham bc95314ca6 Fixed #28786 -- Doc'd middleware ordering considerations due to CommonMiddleware setting Content-Length. 2017-11-14 12:01:24 -05:00
Tim Graham 8f8a4d10d3 Refs #26447 -- Removed outdated ETag comment in CommonMiddleware. 
Follow up to 48d57788ee.
 2017-11-11 20:45:17 -05:00
Tim Graham 5446b72003 Removed versionadded/changed annotations for 1.11. 2017-09-22 12:51:18 -04:00
Tim Graham 48d57788ee Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline. 2017-09-22 12:51:18 -04:00
Claude Paroz 01f658644a Updated various links in docs to avoid redirects 
Thanks Tim Graham and Mariusz Felisiak for review and completion.
 2017-05-22 19:28:44 +02:00
Tim Graham e27e4c0339 Removed versionadded/changed annotations for 1.10. 2017-01-17 20:52:05 -05:00
Raphael Michel ddf169cdac Refs #16859 -- Allowed storing CSRF tokens in sessions. 
Major thanks to Shai for helping to refactor the tests, and to
Shai, Tim, Florian, and others for extensive and helpful review.
 2016-11-30 08:57:27 -05:00
Tim Graham 7301770254 Fixed typo in docs/ref/middleware.txt. 2016-11-06 13:22:08 +01:00
Adam Malinowski 37809b891e Fixed #27346 -- Stopped setting the Content-Length header in ConditionalGetMiddleware. 2016-11-05 22:24:54 +01:00
Tim Graham 61f9243e51 Fixed #27345 -- Stopped setting the Date header in ConditionalGetMiddleware. 2016-10-14 12:48:03 -04:00
Kevin Christopher Henry ad332e5ca9 Refs #19705 -- Made GZipMiddleware make ETags weak. 
Django's conditional request processing can now produce 304 Not Modified
responses for content that is subject to compression.
 2016-10-13 14:22:54 -04:00
Denis Cornehl a840710e1e Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware. 2016-10-10 14:55:59 -04:00
Tim Graham ef021412d5 Normalized spelling of ETag. 2016-09-09 11:00:21 -04:00
Ed Morley 3c2447dd13 Fixed #26947 -- Added an option to enable the HSTS header preload directive. 2016-08-10 20:23:54 -04:00
Ed Morley 8c3bc5cd78 Fixed docs to refer to HSTS includeSubdomains as a directive. 
The spec refers to it as a 'directive' rather than a 'tag':
https://tools.ietf.org/html/rfc6797#section-6.1.2
 2016-08-08 20:20:49 -04:00
Claude Paroz 9588718cd4 Fixed #5897 -- Added the Content-Length response header in CommonMiddleware 
Thanks Tim Graham for the review.
 2016-06-27 10:44:57 +02:00
Tim Graham 46a38307c2 Removed versionadded/changed annotations for 1.9. 2016-05-20 11:44:29 -04:00
Shai Berger 5112e65ef2 Fixed #20869 -- made CSRF tokens change every request by salt-encrypting them 
Note that the cookie is not changed every request, just the token retrieved
by the `get_token()` method (used also by the `{% csrf_token %}` tag).

While at it, made token validation strict: Where, before, any length was
accepted and non-ASCII chars were ignored, we now treat anything other than
`[A-Za-z0-9]{64}` as invalid (except for 32-char tokens, which, for
backwards-compatibility, are accepted and replaced by 64-char ones).

Thanks Trac user patrys for reporting, github user adambrenecki
for initial patch, Tim Graham for help, and Curtis Maloney,
Collin Anderson, Florian Apolloner, Markus Holtermann & Jon Dufresne
for reviews.
 2016-05-19 05:02:19 +03:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005. 
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
 2016-05-17 07:22:22 -04:00
rowanv a6ef025dfb Fixed #26124 -- Added missing code formatting to docs headers. 2016-02-01 10:42:05 -05:00