Re: Rethink (?) how we handle security headers.

By the way, while reviewing the SecurityMiddleware, I would suggest that the redirection part be moved to a different middleware. http to https redirection should preferably be done at the Web server level, and for those doing that properly, they still pay for the unneeded (albeit small) overhea

Username Validators 27807

Hi Everyone! I am currently working on my first Django ticket 27807 , which is to allow users to customize username validation. My experience with Django and development is very limited (junior developer level). I need some guidance on this. I am ta

Re: Rethink (?) how we handle security headers.

Sci - please stop posting on this mailing list about whatsapp etc. It's not appropriate. Carlton - I have three thoughts re: security headers 1. I'm fine adding new settings for them. I think it's basically part of the territory. More headers are appearing, to support them we can use the same mec

Re: Rethink (?) how we handle security headers.

Your contact number send me I want a VIP site On Thu, 30 Jul 2020, 2:37 pm Carlton Gibson, wrote: > Hi. > > (This is quite preliminary but...) > > So we added support for Referrer-Policy in 3.0 > https://docs.djangoproject.com/en/3.0/ref/middleware/#referrer-policy > > This added the SECURE_REFE

Rethink (?) how we handle security headers.

Hi. (This is quite preliminary but...) So we added support for Referrer-Policy in 3.0 https://docs.djangoproject.com/en/3.0/ref/middleware/#referrer-policy This added the SECURE_REFERRER_POLICY setting. We have a Someday/Maybe Permissions-Policy (was Feature-Policy). for https://code.djangopro