This initial work adds a pair of settings to configure specific CSP
directives for enforcing or reporting policy violations, a new
`django.middleware.csp.ContentSecurityPolicyMiddleware` to apply the
appropriate headers to responses, and a context processor to support CSP
nonces in templates for safely inlining assets.
Relevant documentation has been added for the 6.0 release notes,
security overview, a new how-to page, and a dedicated reference section.
Thanks to the multiple reviewers for their precise and valuable feedback.
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>

This work follows a comprehensive review conducted during the DjangoCon US 2023
sprints. Changes include:
- Updated the title of the main page for better alignment with the content.
- Removed emojis to enhance accessibility and avoid cultural specificity.
- Improved the layout and navigation of contributing documentation.
- Unified sections for communication channels and community links.
- Grouped resources according to the Diátaxis systematic approach.
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Daniele Procida <daniele@vurt.org>

Added a tutorial step that highlights Django Debug Toolbar, one of the
most common third-party packages. It also added a mention of
djangopackages.com as a place to search for other libraries and a
link to Adam Johnson’s post on evaluating whether a package is
well-maintained.
Third-party packages are one of Django’s strengths. This should give
folks a sound route in.

Adds a reasonably feature-complete implementation of full text search
using the built-in PostgreSQL engine. It uses public APIs from
Expression and Lookup.
With thanks to Tim Graham, Simon Charettes, Josh Smeaton, Mikey Ariel
and many others for their advice and review. Particular thanks also go
to the supporters of the contrib.postgres kickstarter.

This makes room for a more general introduction about templating.
Updated some links to point to the new location, but kept those that
didn't talk specifically about the DTL.

Added functions and tests
Added docs and more tests
Added TextField converter to mysql backend
Aliased Value as V in example docs and tests
Removed unicode_compatible in example
Fixed console emulation in examples