Matt Robenolt 
							
						 
					 
					
						
						
							
						
						b0c56b895f 
					 
					
						
						
							
							Fixed   #24496  -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN.  
						
						... 
						
						
						
						Thanks Seth Gottlieb for help with the documentation and
Carl Meyer and Joshua Kehn for reviews. 
						
						
					 
					
						2015-09-16 12:21:50 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Kehn 
							
						 
					 
					
						
						
							
						
						ab26b65b2f 
					 
					
						
						
							
							Fixed   #25334  -- Provided a way to allow cross-origin unsafe requests over HTTPS.  
						
						... 
						
						
						
						Added the CSRF_TRUSTED_ORIGINS setting which contains a list of other
domains that are included during the CSRF Referer header verification
for secure (HTTPS) requests. 
						
						
					 
					
						2015-09-05 09:19:57 -04:00 
						 
				 
			
				
					
						
							
							
								Marc 
							
						 
					 
					
						
						
							
						
						f9de197268 
					 
					
						
						
							
							Recommended the JavaScript Cookie library instead of jQuery cookie.  
						
						... 
						
						
						
						jQuery cookie is no longer maintained in favor of the JavaScript
cookie library. This also removes the jQuery dependency. 
						
						
					 
					
						2015-08-19 10:04:01 -04:00 
						 
				 
			
				
					
						
							
							
								Dave Hodder 
							
						 
					 
					
						
						
							
						
						08c980d752 
					 
					
						
						
							
							Updated capitalization in the word "JavaScript" for consistency  
						
						
						
						
					 
					
						2015-05-01 13:26:42 -04:00 
						 
				 
			
				
					
						
							
							
								Grzegorz Slusarek 
							
						 
					 
					
						
						
							
						
						668d53cd12 
					 
					
						
						
							
							Fixed   #21495  -- Added settings.CSRF_HEADER_NAME  
						
						
						
						
					 
					
						2015-03-05 15:03:40 -05:00 
						 
				 
			
				
					
						
							
							
								Aymeric Augustin 
							
						 
					 
					
						
						
							
						
						9eb4f28e89 
					 
					
						
						
							
							Deprecated TEMPLATE_CONTEXT_PROCESSORS.  
						
						
						
						
					 
					
						2014-12-28 17:02:31 +01:00 
						 
				 
			
				
					
						
							
							
								Aymeric Augustin 
							
						 
					 
					
						
						
							
						
						92e8f1f302 
					 
					
						
						
							
							Moved context_processors from django.core to django.template.  
						
						
						
						
					 
					
						2014-12-28 17:00:07 +01:00 
						 
				 
			
				
					
						
							
							
								Fabio Natali 
							
						 
					 
					
						
						
							
						
						fa680ce1e2 
					 
					
						
						
							
							Fixed   #23825  -- Added links for decorating class-based views to the CSRF docs.  
						
						
						
						
					 
					
						2014-11-15 19:33:39 +01:00 
						 
				 
			
				
					
						
							
							
								Thomas Chaumeny 
							
						 
					 
					
						
						
							
						
						d3db878e4b 
					 
					
						
						
							
							Moved CSRF docs out of contrib.  
						
						
						
						
					 
					
						2014-11-03 07:47:39 -05:00