index
:
delta/python-packages/django.git
1.8
15667
16682
24046
24215
24525
26176
3.2-man-page
4.0/make-zoneinfo-default-timezone-implementation-squashed
alex-patch-1
attic/boulder-oracle-sprint
attic/full-history
attic/generic-auth
attic/gis
attic/i18n
attic/magic-removal
attic/multi-auth
attic/multiple-db-support
attic/new-admin
attic/newforms-admin
attic/per-object-permissions
attic/queryset-refactor
attic/schema-evolution
attic/schema-evolution-ng
attic/search-api
attic/sqlalchemy
attic/unicode
c/29988-allow-f-strings
c/32409-async-tests-cannot-call-orm
c/append-slash-opt-out
c/replace-utcnow
c/use-bpo-extlink
dep0005
dep5
fix-cache-test
fix/remove-stray-file
issue/31570
link-to-code-of-conduct
main
make-zoneinfo-default-timezone-implementation
master
remove-unnecesary-if-wrap
selenium-updates
sir-sigurd-patch-1
soc2009/admin-ui
soc2009/http-wsgi-improvements
soc2009/i18n-improvements
soc2009/model-validation
soc2009/multidb
soc2009/test-improvements
soc2010/app-loading
soc2010/query-refactor
soc2010/test-refactor
stable/0.90.x
stable/0.91.x
stable/0.95.x
stable/0.96.x
stable/1.0.x
stable/1.1.x
stable/1.10.x
stable/1.11.x
stable/1.2.x
stable/1.3.x
stable/1.4.x
stable/1.5.x
stable/1.6.x
stable/1.7.x
stable/1.8.x
stable/1.9.x
stable/2.0.x
stable/2.1.x
stable/2.2.x
stable/3.0.x
stable/3.1.x
stable/3.2.x
stable/4.0.x
stable/4.1.x
stable/4.2.x
swap-closing-quote-period-in-admin-i18nable-literal
ticket-25055
ticket-31342
update-next-docs-version
github.com: django/django.git
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
docs
/
topics
/
security.txt
Commit message (
Expand
)
Author
Age
Files
Lines
*
Updated OWASP Top 10 link in security topic.
Grammy Jiang
2022-06-16
1
-1
/
+1
*
Removed versionadded/changed annotations for 4.0.
Carlton Gibson
2022-05-17
1
-2
/
+0
*
Fixed #30360 -- Added support for secret key rotation.
tschilling
2022-02-01
1
-1
/
+2
*
Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropr...
David Smith
2021-07-29
1
-7
/
+7
*
Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
bankc
2021-03-30
1
-0
/
+13
*
Refs #31670 -- Removed whitelist/blacklist terminology in docs and comments.
David Smith
2020-06-17
1
-1
/
+1
*
Fixed #31696 -- Updated OWASP links in docs.
Hasan Ramezani
2020-06-15
1
-1
/
+1
*
Added link to Mozilla's infosec page on web security.
Mads Jensen
2020-04-22
1
-0
/
+3
*
Fixed highlightlang deprecation warning on Sphinx 1.8+.
Mariusz Felisiak
2020-04-07
1
-1
/
+1
*
Fixed #29406 -- Added support for Referrer-Policy header.
Nick Pope
2019-09-09
1
-0
/
+9
*
Fixed #30573 -- Rephrased documentation to avoid words that minimise the invo...
Tobias Kunze
2019-09-06
1
-4
/
+4
*
Updated OWASP Top 10 link to the latest version.
Vedran Karačić
2018-12-27
1
-1
/
+1
*
Used auto-numbered lists in documentation.
François Freitag
2018-11-15
1
-2
/
+2
*
Described how querysets are protected from SQL injection in more detail.
Tim Graham
2017-11-01
1
-8
/
+11
*
Fixed #26947 -- Added an option to enable the HSTS header preload directive.
Ed Morley
2016-08-10
1
-2
/
+3
*
Fixed #20869 -- made CSRF tokens change every request by salt-encrypting them
Shai Berger
2016-05-19
1
-2
/
+2
*
Refs #26464 -- Added a link to OWASP Top 10 in security topic guide.
Tim Graham
2016-04-09
1
-0
/
+5
*
Removed a reference to Django 1.3.1 in docs.
Tim Graham
2016-04-04
1
-3
/
+3
*
Fixed #26206 -- Fixed docs comments causing empty code blocks.
Tim Graham
2016-02-11
1
-1
/
+2
*
Fixed Sphinx highlight warnings in docs.
Tim Graham
2016-01-25
1
-1
/
+2
*
Removed a misleading comment about HTTPS.
Alex Gaynor
2015-12-21
1
-5
/
+5
*
Fixed #25778 -- Updated docs links to use https when available.
Jon Dufresne
2015-12-01
1
-1
/
+1
*
Fixed #25755 -- Unified spelling of "website".
Agnieszka Lasyk
2015-11-16
1
-1
/
+1
*
Added links to new security settings introduced in 1.8.
David Sanders
2015-09-04
1
-7
/
+8
*
Updated various links in docs
Claude Paroz
2015-08-08
1
-1
/
+1
*
Updated Wikipedia links to use https
Claude Paroz
2015-08-08
1
-1
/
+1
*
Fixed #25212 -- Documented the RawSQL expression.
Tim Graham
2015-08-05
1
-1
/
+2
*
Fixed #23561 -- Corrected a security doc example that requires an unquoted HT...
Carl Meyer
2014-09-26
1
-2
/
+2
*
Fixed some doc errors that caused syntax highlighting to fail.
Tim Graham
2014-08-18
1
-1
/
+1
*
Fixed #22504 -- Corrected domain terminology in security guide.
Tim Graham
2014-04-25
1
-5
/
+5
*
Fixed #22493 - Added warnings to raw() and extra() docs about SQL injection
Moayad Mardini
2014-04-25
1
-0
/
+1
*
Removed PIL compatability layer per deprecation timeline.
Tim Graham
2014-03-21
1
-2
/
+2
*
Added a warning regarding risks in serving user uploaded media.
Tim Graham
2013-11-27
1
-4
/
+46
*
Added a warning regarding session security and subdomains.
Tim Graham
2013-10-18
1
-0
/
+7
*
Fixed #20330 -- Normalized spelling of "web server".
Aymeric Augustin
2013-04-29
1
-4
/
+4
*
Added a new required ALLOWED_HOSTS setting for HTTP host header validation.
Carl Meyer
2013-02-19
1
-37
/
+30
*
Removed django.contrib.markup.
Aymeric Augustin
2012-12-29
1
-7
/
+0
*
Fixed broken links, round 3. refs #19516
Tim Graham
2012-12-26
1
-3
/
+3
*
Fixed a security issue in get_host.
Florian Apolloner
2012-12-10
1
-0
/
+25
*
Formatting fix for host headers section
David Fischer
2012-09-06
1
-5
/
+5
*
Added CSRF with HTTPS/HSTS and forwarding note
David Fischer
2012-09-06
1
-1
/
+13
*
Added note about Strict Transport Security (HSTS)
David Fischer
2012-09-06
1
-0
/
+8
*
Rewrote security.txt SSL docs, noting SECURE_PROXY_SSL_HEADER.
Luke Plant
2012-06-04
1
-13
/
+10
*
Added more explicit warnings about unconfigured reStructured Text usage in docs.
Luke Plant
2012-04-19
1
-0
/
+8
*
Quick edit of docs/topics/security.txt to catch some basic formatting problem...
Adrian Holovaty
2011-12-17
1
-28
/
+27
*
Added protection against spoofing of X_FORWARDED_HOST headers. A security ann...
Russell Keith-Magee
2011-09-10
1
-0
/
+17
*
Fixes #16482 -- Fixes typo in security docs. Thanks, charettes.
Jannis Leidel
2011-07-29
1
-1
/
+1
*
Grammar fixes and content tweaks to XSS section of security docs.
Luke Plant
2011-07-17
1
-8
/
+9
*
Improved warning about file uploads in docs, and added link from security ove...
Luke Plant
2011-07-06
1
-1
/
+3
*
Fixed #16248 -- Corrected a few typos in the security docs. Thanks, buddelkiste.
Jannis Leidel
2011-06-14
1
-5
/
+5
[next]