| 
							
							
								 Tim Graham | c27104a9c7 | Fixed #27611 -- Doc'd that CSRF_COOKIE_HTTPONLY setting offers no security. | 2016-12-19 17:56:58 -05:00 |  | 
			
				
					| 
							
							
								 Raphael Michel | 33e86b3488 | Refs #16859 -- Disabled CSRF_COOKIE_* checks when using CSRF_USE_SESSIONS. | 2016-12-17 09:59:48 -05:00 |  | 
			
				
					| 
							
							
								 Ed Morley | 7399fee6c3 | Refs #26947 -- Added a deployment system check for SECURE_HSTS_PRELOAD. | 2016-08-10 20:31:01 -04:00 |  | 
			
				
					| 
							
							
								 Florian Apolloner | 9baf692a58 | Fixed #26601 -- Improved middleware per DEP 0005. Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP. | 2016-05-17 07:22:22 -04:00 |  | 
			
				
					| 
							
							
								 Josh Soref | 93452a70e8 | Fixed many spelling mistakes in code, comments, and docs. | 2015-12-03 12:48:24 -05:00 |  | 
			
				
					| 
							
							
								 rroskam | ed514caed2 | Fixed #24966 -- Added deployment system check for empty ALLOWED_HOSTS. | 2015-07-15 09:18:58 -04:00 |  | 
			
				
					| 
							
							
								 Simon Charette | be67400b47 | Refs #24652 -- Used SimpleTestCase where appropriate. | 2015-05-20 13:46:13 -04:00 |  | 
			
				
					| 
							
							
								 Tim Graham | 0ed7d15563 | Sorted imports with isort; refs #23860. | 2015-02-06 08:16:28 -05:00 |  | 
			
				
					| 
							
							
								 Tim Graham | 52ef6a4726 | Fixed #17101 -- Integrated django-secure and added check --deploy option Thanks Carl Meyer for django-secure and for reviewing.
Thanks also to Zach Borboa, Erik Romijn, Collin Anderson, and
Jorge Carleitao for reviews. | 2014-09-12 15:05:23 -04:00 |  |