mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-31 01:25:32 +00:00
Code Issues 32 Releases Wiki Activity
32,802 Commits 30 Branches 460 Tags
e2551b30adc8016c615761c80301e20f1c75e81d
Commit Graph

106 Commits

Author SHA1 Message Date
nessita
6bedb102e9 [5.1.x] Reindented attributes and methods for classes in docs/ref/middleware.txt. 
Backport of 1feedc8ef8 from main.
 2024-10-02 14:21:43 -03:00
Aditya Chaudhary
bf64ac3567 [5.1.x] Fixed #35670 -- Clarified the return value for LoginRequiredMiddleware's methods. 
Backport of efc3b0c627 from main.
 2024-10-02 13:15:57 -03:00
Adam Johnson
291fa5fbbe [5.1.x] Refs #31405 -- Improved LoginRequiredMiddleware documentation. 
co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>

Backport of 49815f70e4 from main.
 2024-08-08 10:07:12 +02:00
Hisham Mahmood
c7fc9f20b4 Fixed #31405 -- Added LoginRequiredMiddleware. 
Co-authored-by: Adam Johnson <me@adamj.eu>
Co-authored-by: Mehmet İnce <mehmet@mehmetince.net>
Co-authored-by: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com>
 2024-05-22 08:51:17 +02:00
Mariusz Felisiak
295467c04a Removed versionadded/changed annotations for 4.2. 
This also removes remaining versionadded/changed annotations for older
versions.
 2023-09-18 22:12:40 +02:00
django-bot
14459f80ee Fixed #34140 -- Reformatted code blocks in docs with blacken-docs. 2023-03-01 13:03:56 +01:00
Andreas Pelme
ab7a85ac29 Fixed #34170 -- Implemented Heal The Breach (HTB) in GzipMiddleware. 2022-12-17 08:46:37 +01:00
Mariusz Felisiak
514884e9a5 Updated various links to HTTPS and new locations. 2022-12-06 05:59:43 +01:00
Nick Pope
9bd174b9a7 Updated documentation and comments for RFC updates. 
- Updated references to RFC 1123 to RFC 5322
  - Only partial as RFC 5322 sort of sub-references RFC 1123.
- Updated references to RFC 2388 to RFC 7578
  - Except RFC 2388 Section 5.3 which has no equivalent.
- Updated references to RFC 2396 to RFC 3986
- Updated references to RFC 2616 to RFC 9110
- Updated references to RFC 3066 to RFC 5646
- Updated references to RFC 7230 to RFC 9112
- Updated references to RFC 7231 to RFC 9110
- Updated references to RFC 7232 to RFC 9110
- Updated references to RFC 7234 to RFC 9111
- Tidied up style of text when referring to RFC documents
 2022-11-10 13:52:17 +01:00
Carlton Gibson
ca1c3151c3 Removed versionadded/changed annotations for 4.0. 2022-05-17 14:22:06 +02:00
tommcn
8e63390640 Corrected CSRF reference in middleware docs. 2022-03-17 06:03:10 +01:00
Mariusz Felisiak
97237ad3fe Removed versionadded/changed annotations for 3.2. 2021-09-20 21:23:01 +02:00
David Smith
1024b5e74a Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate. 2021-07-29 06:24:12 +02:00
Nick Pope
c156e36955 Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS. 2021-05-17 09:46:09 +02:00
Tim Graham
54da6e2ac2 Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting. 2021-04-30 12:32:52 +02:00
bankc
db5b75f10f Fixed #31840 -- Added support for Cross-Origin Opener Policy header. 
Thanks Adam Johnson and Tim Graham for the reviews.

Co-authored-by: Tim Graham <timograham@gmail.com>
 2021-03-30 19:59:24 +02:00
Carlton Gibson
ad11f5b8c9 Fixed #32124 -- Added per-view opt-out for APPEND_SLASH behavior. 2020-10-22 14:15:19 +02:00
Mariusz Felisiak
4c5236ef93 Removed versionadded/changed annotations for 3.0. 2020-05-13 09:07:51 +02:00
Min ho Kim
103a6f4307 Fixed some typos in comments and docs. 
Thanks to Mads Jenson for review.
 2019-10-02 15:50:46 +02:00
Mar Sánchez
f1d4a540b2 Refs #15396 -- Mentioned full path to GZipMiddleware in documentation. 2019-10-02 14:39:01 +02:00
Carlton Gibson
9446950470 Refs #28699 -- Clarified CSRF middleware ordering in relation to RemoteUserMiddleware. 2019-10-02 13:11:03 +02:00
Nick Pope
406dba04e1 Fixed #29406 -- Added support for Referrer-Policy header. 
Thanks to James Bennett for the initial implementation.
 2019-09-09 13:35:41 +02:00
Nick Pope
fc62e16291 Standardized links for headers in security middleware documentation. 2019-09-09 13:35:17 +02:00
Mariusz Felisiak
5ab75adb90 Removed redundant object descriptions to prevent warnings with Sphinx 2.1.0. 2019-06-03 14:08:51 +02:00
Carlton Gibson
bae66e759f Fixed #30091 -- Doc'd middleware ordering requirements with CSRF_USE_SESSIONS. 2019-01-30 11:02:26 -05:00
Daniel Musketa
ca2856fb62 Fixed typo in docs/ref/middleware.txt. 2018-11-14 09:47:22 -05:00
Daniel Hepper
a6fb5b1fe0 Remove documenation for non-existent middleware (#9998) 
The docs contained a reference to the class
django.middleware.exception.ExceptionMiddleware. This class was introduced in
05c888ffb8. It was removed in 7d1b69dbe7, but the documentation remained.
 2018-05-27 16:08:50 +02:00
Mariusz Felisiak
7c81b28ebc Updated various links in docs to use HTTPS. 2018-01-07 14:28:41 +01:00
Tim Graham
bc95314ca6 Fixed #28786 -- Doc'd middleware ordering considerations due to CommonMiddleware setting Content-Length. 2017-11-14 12:01:24 -05:00
Tim Graham
8f8a4d10d3 Refs #26447 -- Removed outdated ETag comment in CommonMiddleware. 
Follow up to 48d57788ee.
 2017-11-11 20:45:17 -05:00
Tim Graham
5446b72003 Removed versionadded/changed annotations for 1.11. 2017-09-22 12:51:18 -04:00
Tim Graham
48d57788ee Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline. 2017-09-22 12:51:18 -04:00
Claude Paroz
01f658644a Updated various links in docs to avoid redirects 
Thanks Tim Graham and Mariusz Felisiak for review and completion.
 2017-05-22 19:28:44 +02:00
Tim Graham
e27e4c0339 Removed versionadded/changed annotations for 1.10. 2017-01-17 20:52:05 -05:00
Raphael Michel
ddf169cdac Refs #16859 -- Allowed storing CSRF tokens in sessions. 
Major thanks to Shai for helping to refactor the tests, and to
Shai, Tim, Florian, and others for extensive and helpful review.
 2016-11-30 08:57:27 -05:00
Tim Graham
7301770254 Fixed typo in docs/ref/middleware.txt. 2016-11-06 13:22:08 +01:00
Adam Malinowski
37809b891e Fixed #27346 -- Stopped setting the Content-Length header in ConditionalGetMiddleware. 2016-11-05 22:24:54 +01:00
Tim Graham
61f9243e51 Fixed #27345 -- Stopped setting the Date header in ConditionalGetMiddleware. 2016-10-14 12:48:03 -04:00
Kevin Christopher Henry
ad332e5ca9 Refs #19705 -- Made GZipMiddleware make ETags weak. 
Django's conditional request processing can now produce 304 Not Modified
responses for content that is subject to compression.
 2016-10-13 14:22:54 -04:00
Denis Cornehl
a840710e1e Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware. 2016-10-10 14:55:59 -04:00
Tim Graham
ef021412d5 Normalized spelling of ETag. 2016-09-09 11:00:21 -04:00
Ed Morley
3c2447dd13 Fixed #26947 -- Added an option to enable the HSTS header preload directive. 2016-08-10 20:23:54 -04:00
Ed Morley
8c3bc5cd78 Fixed docs to refer to HSTS includeSubdomains as a directive. 
The spec refers to it as a 'directive' rather than a 'tag':
https://tools.ietf.org/html/rfc6797#section-6.1.2
 2016-08-08 20:20:49 -04:00
Claude Paroz
9588718cd4 Fixed #5897 -- Added the Content-Length response header in CommonMiddleware 
Thanks Tim Graham for the review.
 2016-06-27 10:44:57 +02:00
Tim Graham
46a38307c2 Removed versionadded/changed annotations for 1.9. 2016-05-20 11:44:29 -04:00
Shai Berger
5112e65ef2 Fixed #20869 -- made CSRF tokens change every request by salt-encrypting them 
Note that the cookie is not changed every request, just the token retrieved
by the `get_token()` method (used also by the `{% csrf_token %}` tag).

While at it, made token validation strict: Where, before, any length was
accepted and non-ASCII chars were ignored, we now treat anything other than
`[A-Za-z0-9]{64}` as invalid (except for 32-char tokens, which, for
backwards-compatibility, are accepted and replaced by 64-char ones).

Thanks Trac user patrys for reporting, github user adambrenecki
for initial patch, Tim Graham for help, and Curtis Maloney,
Collin Anderson, Florian Apolloner, Markus Holtermann & Jon Dufresne
for reviews.
 2016-05-19 05:02:19 +03:00
Florian Apolloner
9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005. 
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
 2016-05-17 07:22:22 -04:00
rowanv
a6ef025dfb Fixed #26124 -- Added missing code formatting to docs headers. 2016-02-01 10:42:05 -05:00
Tim Graham
54848a96dd Removed versionadded/changed annotations for 1.8. 2015-09-23 19:31:11 -04:00
Tim Graham
849037af36 Refs #23957 -- Required session verification per deprecation timeline. 2015-09-23 19:31:10 -04:00