mirror of
https://github.com/django/django.git
synced 2025-07-07 13:25:15 +00:00
d63241ebc7
This initial work adds a pair of settings to configure specific CSP directives for enforcing or reporting policy violations, a new `django.middleware.csp.ContentSecurityPolicyMiddleware` to apply the appropriate headers to responses, and a context processor to support CSP nonces in templates for safely inlining assets. Relevant documentation has been added for the 6.0 release notes, security overview, a new how-to page, and a dedicated reference section. Thanks to the multiple reviewers for their precise and valuable feedback. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| custom_commands_app/management/commands | ||
| template_test_apps | ||
| urls | ||
| __init__.py | ||
| apps.py | ||
| models.py | ||
| test_4_0_compatibility.py | ||
| test_async_checks.py | ||
| test_caches.py | ||
| test_commands.py | ||
| test_database.py | ||
| test_files.py | ||
| test_model_checks.py | ||
| test_model_field_deprecation.py | ||
| test_multi_db.py | ||
| test_security.py | ||
| test_templates.py | ||
| test_translation.py | ||
| test_urls.py | ||
| tests.py | ||