Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fixed 32956 -- Lowercased spelling of "web" and "web framework" where ↵ | David Smith | 2021-07-29 | 1 | -1/+1 |
| | | | | appropriate. | ||||
* | Bumped minimum isort version to 5.1.0. | David Smith | 2020-07-30 | 1 | -1/+1 |
| | | | | | Fixed inner imports per isort 5. isort 5.0.0 to 5.1.0 was unstable. | ||||
* | Refs #30400 -- Improved typography in debug and csrf templates. | Jon Dufresne | 2020-07-08 | 1 | -3/+3 |
| | |||||
* | Fixed #30400 -- Improved typography of user facing strings. | Jon Dufresne | 2019-06-28 | 1 | -16/+16 |
| | | | | Thanks Claude Paroz for assistance with translations. | ||||
* | Fixed #28508 -- Set the foreground color to black in CSRF and 404 error ↵ | Stefan Sinca | 2017-09-21 | 1 | -1/+1 |
| | | | | templates. | ||||
* | Refs #16870 -- Doc'd that CSRF protection requires the Referer header. | Flávio Juvenal | 2017-06-22 | 1 | -0/+8 |
| | |||||
* | Converted usage of ugettext* functions to their gettext* aliases | Claude Paroz | 2017-02-07 | 1 | -1/+1 |
| | | | | Thanks Tim Graham for the review. | ||||
* | Fixed #27258 -- Prohibited django.Template.render() with non-dict context. | Shivang Bharadwaj | 2016-12-28 | 1 | -2/+3 |
| | | | Thanks Shivang Bharadwaj for the initial patch. | ||||
* | Fixed #26201 -- Documented the consequences of rotating the CSRF token on login. | Vaclav Ehrlich | 2016-04-05 | 1 | -0/+3 |
| | |||||
* | Removed blank line to appease isort. | Tim Graham | 2015-11-17 | 1 | -1/+0 |
| | |||||
* | Fixed #25695 -- Added template_name parameter to csrf_failure() view. | Raphael Michel | 2015-11-17 | 1 | -3/+12 |
| | |||||
* | Fixed #24389 -- Isolated the CSRF view from the TEMPLATES setting. | Aymeric Augustin | 2015-02-22 | 1 | -5/+5 |
| | | | | Thanks uranusjr for the report and analysis. | ||||
* | Sorted imports with isort; refs #23860. | Tim Graham | 2015-02-06 | 1 | -0/+1 |
| | |||||
* | Updated link to CSRF docs | Claude Paroz | 2014-12-25 | 1 | -2/+2 |
| | | | | Refs #23866. | ||||
* | Fixed #23866 -- Harmonized refs to Django documentation from code | Claude Paroz | 2014-12-25 | 1 | -2/+4 |
| | |||||
* | Fixed #21322 -- Error message when CSRF cookie is missing | Bouke Haarsma | 2013-11-03 | 1 | -1/+15 |
| | | | | Thanks to Henrik Levkowetz and olau for their reports and initial patches. | ||||
* | Fixed #21324 -- Translate CSRF failure view | Bouke Haarsma | 2013-11-02 | 1 | -16/+29 |
| | | | | Thanks to Claude Paroz for the original patch. | ||||
* | Removed usage of mimetype kwarg of HttpResponse | Claude Paroz | 2012-06-30 | 1 | -1/+1 |
| | | | | Refs #16519. | ||||
* | Improved CSRF error message. | Paul McMillan | 2012-02-21 | 1 | -0/+2 |
| | | | | git-svn-id: http://code.djangoproject.com/svn/django/trunk@17570 bcc190cf-cafb-0310-a4f2-bffc1f526a37 | ||||
* | Fixed #16009 - typo in CSRF_FAILRE_TEMPLATE. | Luke Plant | 2011-05-12 | 1 | -2/+2 |
| | | | | | | | | Thanks to adehnert for report and patch. Though I flail to see what problem it was causing... git-svn-id: http://code.djangoproject.com/svn/django/trunk@16216 bcc190cf-cafb-0310-a4f2-bffc1f526a37 | ||||
* | Switched to HTML5 doctype in all Django supplied templates. | Luke Plant | 2011-04-20 | 1 | -1/+1 |
| | | | | git-svn-id: http://code.djangoproject.com/svn/django/trunk@16050 bcc190cf-cafb-0310-a4f2-bffc1f526a37 | ||||
* | Fixed #11509 -- Modified usage of "Web" to match our style guide in various ↵ | Russell Keith-Magee | 2010-10-09 | 1 | -1/+1 |
| | | | | | | documentation, comments and code. Thanks to timo and Simon Meers for the work on the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14069 bcc190cf-cafb-0310-a4f2-bffc1f526a37 | ||||
* | Added explanatory note on CSRF failure page for the case of a missing ↵ | Luke Plant | 2010-09-03 | 1 | -2/+15 |
| | | | | | | | | | | | | | Referer header. This is intended to help power users who have disabled Referer headers, or installed add-ons which have done so, and to help web site administrators with debugging, since this problem will be browser specific and not a programming error. git-svn-id: http://code.djangoproject.com/svn/django/trunk@13680 bcc190cf-cafb-0310-a4f2-bffc1f526a37 | ||||
* | Fixed #13590 - Made CSRF failure page styling consistent with Django's ↵ | Luke Plant | 2010-05-22 | 1 | -5/+25 |
| | | | | | | | | | | default error page styling. Thanks to alefteris for suggestion. git-svn-id: http://code.djangoproject.com/svn/django/trunk@13300 bcc190cf-cafb-0310-a4f2-bffc1f526a37 | ||||
* | Fixed #12130 - documented need for csrf_protect on views that don't accept POST | Luke Plant | 2009-11-03 | 1 | -0/+5 |
| | | | | | | | | | | | | | | | Includes: * proper documentation for csrf_protect * notes in comments app. * specific upgrade notes for comments app Thanks to carljm for report and debugging. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11711 bcc190cf-cafb-0310-a4f2-bffc1f526a37 | ||||
* | Improved HTML in CSRF debug template - <code> instead of <tt> | Luke Plant | 2009-10-29 | 1 | -4/+4 |
| | | | | git-svn-id: http://code.djangoproject.com/svn/django/trunk@11680 bcc190cf-cafb-0310-a4f2-bffc1f526a37 | ||||
* | Small improvement to CSRF failure template. | Luke Plant | 2009-10-27 | 1 | -0/+2 |
| | | | | git-svn-id: http://code.djangoproject.com/svn/django/trunk@11676 bcc190cf-cafb-0310-a4f2-bffc1f526a37 | ||||
* | Moved contrib.csrf.* to core code. | Luke Plant | 2009-10-27 | 1 | -0/+62 |
There is stub code for backwards compatiblity with Django 1.1 imports. The documentation has been updated, but has been left in docs/contrib/csrf.txt for now, in order to avoid dead links to documentation on the website. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37 |