Permalink
Commits on Nov 28, 2017
  1. Merge pull request #92 from jonashaag/fix-include-nonce-in

    EnTeQuAk committed Nov 28, 2017
    Don't crash if CSP_INCLUDE_NONCE_IN setting is missing
Commits on Nov 23, 2017
Commits on Aug 23, 2017
  1. Merge pull request #90 from mozilla/drop-old-django16-17

    EnTeQuAk committed Aug 23, 2017
    Drop old django 1.6 and 1.7
Commits on Aug 22, 2017
  1. Remove unused requirements.txt

    EnTeQuAk committed Aug 22, 2017
Commits on Aug 21, 2017
  1. Merge pull request #77 from systemsoverload/systemsoverload/nonce-con…

    EnTeQuAk committed Aug 21, 2017
    …text-processor
    
    Create context processor for CSP nonce
Commits on Aug 18, 2017
  1. Merge pull request #85 from mythmon/allow-override-falsey

    EnTeQuAk committed Aug 18, 2017
    Allow removing directives using @csp_replace
  2. Merge pull request #75 from systemsoverload/systemsoverload/nonce-mid…

    EnTeQuAk committed Aug 18, 2017
    …dleware
    
    Add basic nonce implementation to build_policy and CSPMiddleware
Commits on Jul 21, 2017
  1. Wrap nonce in single quotes per spec

    TJ Kells committed Jul 21, 2017
  2. Rename shadowed comprehension variable

    TJ Kells committed Jul 21, 2017
Commits on Apr 14, 2017
  1. Merge pull request #88 from JshWright/patch-1

    EnTeQuAk committed Apr 14, 2017
    Remove upper bound on Django version
  2. Remove upper bound on Django version

    JshWright committed Apr 14, 2017
    Django's backwards compatibility and deprecation policies mean that any future compatibility issues will be known well in advance of any breakage. There is no advantage to pinning the upper bound on the supported Django version. It means a django-csp release is required to support each version of Django (and we're currently waiting on a django-csp release to upgrade to Django 1.11).
Commits on Apr 6, 2017
  1. Merge pull request #87 from Flimm/add-django-111

    EnTeQuAk committed Apr 6, 2017
    Add support for Django 1.11 and Python 3.6
Commits on Apr 5, 2017
Commits on Mar 11, 2017
Commits on Jan 18, 2017
  1. Prepare for 3.2 release

    EnTeQuAk committed Jan 18, 2017
Commits on Jan 17, 2017
  1. Merge pull request #84 from mozilla/bugfix/fix-changelog

    EnTeQuAk committed Jan 17, 2017
    Update and fix documentation with what we actually released.
  2. Update and fix documentation with what we actually released.

    EnTeQuAk committed Jan 17, 2017
Commits on Dec 20, 2016
  1. Merge pull request #81 from mozilla/child-src-deprecation-notice

    g-k committed Dec 20, 2016
    add deprecation warning for child-src
  2. Prep changelog for v3.0.1

    g-k committed Dec 15, 2016
Commits on Dec 15, 2016
  1. Merge pull request #82 from mozilla/g-k-patch-1

    g-k committed Dec 15, 2016
    docs: Fix typo WOKER -> WORKER
Commits on Dec 13, 2016
  1. warn for child-src with on space b/w sentences

    g-k committed Dec 13, 2016
Commits on Dec 9, 2016
  1. docs: Fix typo WOKER -> WORKER

    g-k committed Dec 9, 2016
  2. add deprecation warning for child-src

    g-k committed Dec 9, 2016
    refs: #80
Commits on Nov 9, 2016
Commits on Nov 7, 2016
  1. Add setting to disable the csp nonce header

    TJ Kells committed Nov 7, 2016
  2. Clarify intent of comment

    TJ Kells committed Nov 7, 2016
Commits on Nov 3, 2016
  1. Merge pull request #76 from savioabuga/docs-update

    EnTeQuAk committed Nov 3, 2016
    update docs with correct settings title