1
0
mirror of https://github.com/django/django.git synced 2025-10-25 06:36:07 +00:00
Commit Graph

9 Commits

Author SHA1 Message Date
Rob Hudson
d63241ebc7 Fixed #15727 -- Added Content Security Policy (CSP) support.
This initial work adds a pair of settings to configure specific CSP
directives for enforcing or reporting policy violations, a new
`django.middleware.csp.ContentSecurityPolicyMiddleware` to apply the
appropriate headers to responses, and a context processor to support CSP
nonces in templates for safely inlining assets.

Relevant documentation has been added for the 6.0 release notes,
security overview, a new how-to page, and a dedicated reference section.

Thanks to the multiple reviewers for their precise and valuable feedback.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
2025-06-27 15:57:02 -03:00
django-bot
9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Tim Graham
043bd70942 Updated test URL patterns to use path() and re_path(). 2018-12-31 10:47:32 -05:00
Tim Graham
0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Bas Peschier
eacf244506 Converted sql_queries into a lazily evaluated list.
Fixed #23364. Thanks Markush2010 for the report.
2014-08-30 13:27:56 +02:00
Tim Graham
d73d0e071c Fixed #22218 -- Deprecated django.conf.urls.patterns.
Thanks Carl Meyer for the suggestion and Alex Gaynor and Carl for reviews.
2014-04-03 07:28:10 -04:00
Tim Graham
36ded01527 Fixed #21302 -- Fixed unused imports and import *. 2013-11-02 15:24:56 -04:00
Claude Paroz
5c1143910e Removed most of absolute_import imports
Should be unneeded with Python 2.7 and up.
Added some unicode_literals along the way.
2013-07-29 20:28:13 +02:00
Florian Apolloner
89f40e3624 Merged regressiontests and modeltests into the test root. 2013-02-26 14:36:57 +01:00