| 
							
							
								 Mariusz Felisiak | c7276a9cb9 | Refs #34695 -- Added tests for check for CSRF_FAILURE_VIEW signature with valid class-based view. | 2023-07-11 10:46:34 +02:00 |  | 
			
				
					| 
							
							
								 Mariusz Felisiak | 1299bc33e1 | Refs #33526 -- Made CSRF_COOKIE_SECURE/SESSION_COOKIE_SECURE/SESSION_COOKIE_HTTPONLY don't pass on truthy values. | 2022-02-21 07:54:47 +01:00 |  | 
			
				
					| 
							
							
								 Mariusz Felisiak | 7119f40c98 | Refs #33476 -- Refactored code to strictly match 88 characters line length. | 2022-02-07 20:37:05 +01:00 |  | 
			
				
					| 
							
							
								 django-bot | 9c19aff7c7 | Refs #33476 -- Reformatted code with Black. | 2022-02-07 20:37:05 +01:00 |  | 
			
				
					| 
							
							
								 tschilling | 0dcd549bbe | Fixed #30360 -- Added support for secret key rotation. Thanks Florian Apolloner for the implementation idea.
Co-authored-by: Andreas Pelme <andreas@pelme.se>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com> | 2022-02-01 11:12:24 +01:00 |  | 
			
				
					| 
							
							
								 bankc | db5b75f10f | Fixed #31840 -- Added support for Cross-Origin Opener Policy header. Thanks Adam Johnson and Tim Graham for the reviews.
Co-authored-by: Tim Graham <timograham@gmail.com> | 2021-03-30 19:59:24 +02:00 |  | 
			
				
					| 
							
							
								 Hasan Ramezani | ba3fb2e4d0 | Refs #32311 -- Fixed CSRF_FAILURE_VIEW system check errors code. | 2021-01-12 11:22:13 +01:00 |  | 
			
				
					| 
							
							
								 Hasan Ramezani | 64331419c8 | Fixed #32311 -- Added system check for CSRF_FAILURE_VIEW setting. | 2021-01-12 09:44:36 +01:00 |  | 
			
				
					| 
							
							
								 Artem Kosenko | b7f500396e | Fixed #31757 -- Adjusted system check for SECRET_KEY to warn about autogenerated default keys. Thanks Nick Pope, René Fleschenberg, and Carlton Gibson for reviews. | 2020-11-11 12:45:34 +01:00 |  | 
			
				
					| 
							
							
								 Adam Johnson | ffde4d5da8 | Normalized check framework test pattern. | 2020-03-21 20:14:02 +01:00 |  | 
			
				
					| 
							
							
								 Nick Pope | 406dba04e1 | Fixed #29406 -- Added support for Referrer-Policy header. Thanks to James Bennett for the initial implementation. | 2019-09-09 13:35:41 +02:00 |  | 
			
				
					| 
							
							
								 Adnan Umer | c5075360c5 | Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER setting. | 2019-08-05 18:44:08 +02:00 |  | 
			
				
					| 
							
							
								 Mariusz Felisiak | 362813d628 | Fixed hanging indentation in various code. | 2018-03-16 10:54:34 +01:00 |  | 
			
				
					| 
							
							
								 Mariusz Felisiak | 83a36ac49a | Removed unnecessary trailing commas and spaces in various code. | 2017-12-28 21:07:29 +01:00 |  | 
			
				
					| 
							
							
								 Tim Graham | d334f46b7a | Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES. | 2017-01-17 20:52:04 -05:00 |  | 
			
				
					| 
							
							
								 Tim Graham | c27104a9c7 | Fixed #27611 -- Doc'd that CSRF_COOKIE_HTTPONLY setting offers no security. | 2016-12-19 17:56:58 -05:00 |  | 
			
				
					| 
							
							
								 Raphael Michel | 33e86b3488 | Refs #16859 -- Disabled CSRF_COOKIE_* checks when using CSRF_USE_SESSIONS. | 2016-12-17 09:59:48 -05:00 |  | 
			
				
					| 
							
							
								 Ed Morley | 7399fee6c3 | Refs #26947 -- Added a deployment system check for SECURE_HSTS_PRELOAD. | 2016-08-10 20:31:01 -04:00 |  | 
			
				
					| 
							
							
								 Florian Apolloner | 9baf692a58 | Fixed #26601 -- Improved middleware per DEP 0005. Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP. | 2016-05-17 07:22:22 -04:00 |  | 
			
				
					| 
							
							
								 Josh Soref | 93452a70e8 | Fixed many spelling mistakes in code, comments, and docs. | 2015-12-03 12:48:24 -05:00 |  | 
			
				
					| 
							
							
								 rroskam | ed514caed2 | Fixed #24966 -- Added deployment system check for empty ALLOWED_HOSTS. | 2015-07-15 09:18:58 -04:00 |  | 
			
				
					| 
							
							
								 Simon Charette | be67400b47 | Refs #24652 -- Used SimpleTestCase where appropriate. | 2015-05-20 13:46:13 -04:00 |  | 
			
				
					| 
							
							
								 Tim Graham | 0ed7d15563 | Sorted imports with isort; refs #23860. | 2015-02-06 08:16:28 -05:00 |  | 
			
				
					| 
							
							
								 Tim Graham | 52ef6a4726 | Fixed #17101 -- Integrated django-secure and added check --deploy option Thanks Carl Meyer for django-secure and for reviewing.
Thanks also to Zach Borboa, Erik Romijn, Collin Anderson, and
Jorge Carleitao for reviews. | 2014-09-12 15:05:23 -04:00 |  |