Arthur de Jong
Open Source / Free Software developer
index
:
django
master
ticket_15910
ticket_15910.old
The Web framework for perfectionists with deadlines
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
django
/
middleware
/
csrf.py
Commit message (
Expand
)
Author
Age
Files
Lines
*
Fixed #24496 -- Added CSRF Referer checking against CSRF_...
Matt Robenolt
2015-09-16
1
-6
/
+29
*
Fixed #25334 -- Provided a way to allow cross-origin unsa...
Joshua Kehn
2015-09-05
1
-4
/
+9
*
Fixed #24696 -- Made CSRF_COOKIE computation lazy.
Jay Cox
2015-05-03
1
-11
/
+4
*
Fixed #21495 -- Added settings.CSRF_HEADER_NAME
Grzegorz Slusarek
2015-03-05
1
-1
/
+1
*
Sorted imports with isort; refs #23860.
Tim Graham
2015-02-06
1
-2
/
+1
*
Fixed #23815 -- Prevented UnicodeDecodeError in CSRF midd...
Claude Paroz
2015-01-06
1
-1
/
+5
*
Fixed #20128 -- Made CsrfViewMiddleware ignore IOError wh...
Tim Graham
2014-06-25
1
-1
/
+9
*
Fixed #22185 -- Added settings.CSRF_COOKIE_AGE
Roger Hu
2014-03-06
1
-1
/
+1
*
Fixed flake8 E251 violations
Milton Mazzarri
2013-11-03
1
-1
/
+1
*
More attacking E302 violators
Alex Gaynor
2013-11-02
1
-0
/
+1
*
Fixed #21324 -- Translate CSRF failure view
Bouke Haarsma
2013-11-02
1
-3
/
+2
*
Fixed bug causing CSRF token not to rotate on login.
Tim Graham
2013-10-18
1
-1
/
+4
*
Removed several unused imports.
Aymeric Augustin
2013-06-19
1
-2
/
+0
*
Rotate CSRF token on login
Andrew Godwin
2013-05-24
1
-0
/
+8
*
Fixed #19436 -- Don't log warnings in ensure_csrf_cookie.
Olivier Sels
2013-05-18
1
-27
/
+7
*
Fixed #15808 -- Added optional HttpOnly flag to the CSRF ...
Aymeric Augustin
2013-02-07
1
-1
/
+2
*
Fixed typos in docs and comments
Tim Graham
2013-01-29
1
-2
/
+2
*
Imported getLogger directly from logging module
Claude Paroz
2012-09-20
1
-2
/
+3
*
fixed rfc comment typo in middleware/csrf.py
Collin Anderson
2012-09-10
1
-1
/
+1
*
[py3] Made csrf context processor return Unicode
Claude Paroz
2012-08-13
1
-3
/
+4
*
Documentation (and some small source code) edits from [17...
Adrian Holovaty
2012-02-17
1
-12
/
+12
*
Fixes #16827. Adds a length check to CSRF tokens before a...
Paul McMillan
2012-02-11
1
-25
/
+27
*
Fixed #17358 -- Updated logging calls to use official syn...
Jannis Leidel
2012-02-09
1
-4
/
+4
*
Fixed #15258 - Ajax CSRF protection doesn't apply to PUT ...
Luke Plant
2011-05-10
1
-4
/
+9
*
Fixed #14134 - ability to set cookie 'path' and 'secure' ...
Luke Plant
2011-05-10
1
-2
/
+6
*
Removed deprecated CsrfResponseMiddleware, and correspond...
Luke Plant
2011-03-30
1
-91
/
+0
*
Removed Django 1.1 fallback for CSRF checks.
Luke Plant
2011-03-30
1
-52
/
+23
*
Removed a bunch more Python 2.4 workarounds now that we d...
Adrian Holovaty
2011-03-28
1
-4
/
+3
*
Fixed #15617 - CSRF referer checking too strict
Luke Plant
2011-03-15
1
-3
/
+3
*
Corrected logging call in CSRF middleware
Luke Plant
2011-02-22
1
-1
/
+1
*
Fixed a security issue in the CSRF component. Disclosure...
Alex Gaynor
2011-02-09
1
-25
/
+5
*
Fixed #14565 - No csrf_token on 404 page.
Luke Plant
2010-10-28
1
-16
/
+20
*
Fixed #14445 - Use HMAC and constant-time comparison func...
Luke Plant
2010-10-14
1
-2
/
+3
*
Fixed #14436 -- Escalated 1.2 PendingDeprecationWarnings ...
Russell Keith-Magee
2010-10-11
1
-1
/
+1
*
Fixed #14406 -- Added a Python 2.4 compatibility to the l...
Russell Keith-Magee
2010-10-06
1
-2
/
+2
*
Fixed #12012 -- Added support for logging. Thanks to Vina...
Russell Keith-Magee
2010-10-04
1
-2
/
+35
*
Fixed #14235 - UnicodeDecodeError in CSRF middleware
Luke Plant
2010-09-11
1
-5
/
+18
*
Patch CSRF-protection system to deal with reported securi...
James Bennett
2010-09-09
1
-2
/
+4
*
Added explanatory note on CSRF failure page for the case ...
Luke Plant
2010-09-03
1
-6
/
+18
*
Added proper code comments for the HTTPS CSRF protection.
Luke Plant
2010-07-01
1
-2
/
+16
*
Fixed #13716 - the CSRF get_token function stopped workin...
Luke Plant
2010-06-08
1
-3
/
+5
*
Misc clarifications in csrf middleware comments
Luke Plant
2009-10-27
1
-6
/
+9
*
Slight change to CSRF error messages to make debugging ea...
Luke Plant
2009-10-27
1
-2
/
+6
*
Removed unused import.
Luke Plant
2009-10-27
1
-4
/
+0
*
Moved contrib.csrf.* to core code.
Luke Plant
2009-10-27
1
-0
/
+262