Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/django/middleware/csrf.py
Commit message (Expand)AuthorAgeFilesLines
* Fixed #24496 -- Added CSRF Referer checking against CSRF_...Matt Robenolt2015-09-161-6/+29
* Fixed #25334 -- Provided a way to allow cross-origin unsa...Joshua Kehn2015-09-051-4/+9
* Fixed #24696 -- Made CSRF_COOKIE computation lazy.Jay Cox2015-05-031-11/+4
* Fixed #21495 -- Added settings.CSRF_HEADER_NAMEGrzegorz Slusarek2015-03-051-1/+1
* Sorted imports with isort; refs #23860.Tim Graham2015-02-061-2/+1
* Fixed #23815 -- Prevented UnicodeDecodeError in CSRF midd...Claude Paroz2015-01-061-1/+5
* Fixed #20128 -- Made CsrfViewMiddleware ignore IOError wh...Tim Graham2014-06-251-1/+9
* Fixed #22185 -- Added settings.CSRF_COOKIE_AGERoger Hu2014-03-061-1/+1
* Fixed flake8 E251 violationsMilton Mazzarri2013-11-031-1/+1
* More attacking E302 violatorsAlex Gaynor2013-11-021-0/+1
* Fixed #21324 -- Translate CSRF failure viewBouke Haarsma2013-11-021-3/+2
* Fixed bug causing CSRF token not to rotate on login.Tim Graham2013-10-181-1/+4
* Removed several unused imports.Aymeric Augustin2013-06-191-2/+0
* Rotate CSRF token on loginAndrew Godwin2013-05-241-0/+8
* Fixed #19436 -- Don't log warnings in ensure_csrf_cookie.Olivier Sels2013-05-181-27/+7
* Fixed #15808 -- Added optional HttpOnly flag to the CSRF ...Aymeric Augustin2013-02-071-1/+2
* Fixed typos in docs and commentsTim Graham2013-01-291-2/+2
* Imported getLogger directly from logging moduleClaude Paroz2012-09-201-2/+3
* fixed rfc comment typo in middleware/csrf.pyCollin Anderson2012-09-101-1/+1
* [py3] Made csrf context processor return UnicodeClaude Paroz2012-08-131-3/+4
* Documentation (and some small source code) edits from [17...Adrian Holovaty2012-02-171-12/+12
* Fixes #16827. Adds a length check to CSRF tokens before a...Paul McMillan2012-02-111-25/+27
* Fixed #17358 -- Updated logging calls to use official syn...Jannis Leidel2012-02-091-4/+4
* Fixed #15258 - Ajax CSRF protection doesn't apply to PUT ...Luke Plant2011-05-101-4/+9
* Fixed #14134 - ability to set cookie 'path' and 'secure' ...Luke Plant2011-05-101-2/+6
* Removed deprecated CsrfResponseMiddleware, and correspond...Luke Plant2011-03-301-91/+0
* Removed Django 1.1 fallback for CSRF checks.Luke Plant2011-03-301-52/+23
* Removed a bunch more Python 2.4 workarounds now that we d...Adrian Holovaty2011-03-281-4/+3
* Fixed #15617 - CSRF referer checking too strictLuke Plant2011-03-151-3/+3
* Corrected logging call in CSRF middlewareLuke Plant2011-02-221-1/+1
* Fixed a security issue in the CSRF component. Disclosure...Alex Gaynor2011-02-091-25/+5
* Fixed #14565 - No csrf_token on 404 page.Luke Plant2010-10-281-16/+20
* Fixed #14445 - Use HMAC and constant-time comparison func...Luke Plant2010-10-141-2/+3
* Fixed #14436 -- Escalated 1.2 PendingDeprecationWarnings ...Russell Keith-Magee2010-10-111-1/+1
* Fixed #14406 -- Added a Python 2.4 compatibility to the l...Russell Keith-Magee2010-10-061-2/+2
* Fixed #12012 -- Added support for logging. Thanks to Vina...Russell Keith-Magee2010-10-041-2/+35
* Fixed #14235 - UnicodeDecodeError in CSRF middlewareLuke Plant2010-09-111-5/+18
* Patch CSRF-protection system to deal with reported securi...James Bennett2010-09-091-2/+4
* Added explanatory note on CSRF failure page for the case ...Luke Plant2010-09-031-6/+18
* Added proper code comments for the HTTPS CSRF protection.Luke Plant2010-07-011-2/+16
* Fixed #13716 - the CSRF get_token function stopped workin...Luke Plant2010-06-081-3/+5
* Misc clarifications in csrf middleware commentsLuke Plant2009-10-271-6/+9
* Slight change to CSRF error messages to make debugging ea...Luke Plant2009-10-271-2/+6
* Removed unused import.Luke Plant2009-10-271-4/+0
* Moved contrib.csrf.* to core code.Luke Plant2009-10-271-0/+262