Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin'. #12419

Merged
merged 1 commit into from Feb 5, 2020
Merged

Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin'. #12419

merged 1 commit into from Feb 5, 2020

Conversation

adamchainz
Copy link
Sponsor Member

No description provided.

@adamchainz adamchainz force-pushed the ticket_31232 branch 2 times, most recently from c4d3002 to 15fb2e1 Compare February 5, 2020 10:14
@adamchainz adamchainz force-pushed the ticket_31232 branch 2 times, most recently from 3d33489 to 057dcec Compare February 5, 2020 11:13
@felixxm felixxm self-assigned this Feb 5, 2020
felixxm
felixxm reviewed Feb 5, 2020
View reviewed changes
docs/releases/3.1.txt Outdated
:class:`~django.middleware.security.SecurityMiddleware` will set the
:ref:`referrer-policy` header to ``same-origin`` on all responses that do not
already have it. This prevents the ``Referer`` header being sent to other
origins. To override this default, explicitly set
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe:

If you need the previous behavior, explicitly set ...

docs/releases/3.1.txt Outdated Show resolved Hide resolved
@felixxm felixxm changed the title Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin' Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin'. Feb 5, 2020
@adamchainz adamchainz force-pushed the ticket_31232 branch 2 times, most recently from 9fd3bec to 0b73e20 Compare February 5, 2020 13:37
@felixxm felixxm merged commit 72b97a5 into django:master Feb 5, 2020
@adamchainz adamchainz deleted the ticket_31232 branch March 25, 2020 15:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixxm felixxm felixxm left review comments

Assignees

@felixxm felixxm

Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@adamchainz @felixxm