Navigation:
Browse pkgsrc
(this page) 2019-11-05 10:05:24 by Adam Ciarcinski | Files touched by this commit (2) |  |
Log message: py-django-cors-headers: updated to 3.1.1 3.1.1: Support the value file:// for origins, which is accidentally sent by some \ versions of Chrome on Android. 3.1.0: Drop Python 2 support, only Python 3.5-3.7 is supported now. Fix all links for move from github.com/ottoyiu/django-cors-headers to \ github.com/adamchainz/django-cors-headers. |
| 2019-05-29 23:07:15 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django-cors-headers: updated to 3.0.2 3.0.2: * Add a hint to the corsheaders.E013 check to make it more obvious how to resolve it. |
| 2019-05-13 17:54:51 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message: py-django-cors-headers: updated to 3.0.1 3.0.1: Allow 'null' in CORS_ORIGIN_WHITELIST check. 3.0.0: CORS_ORIGIN_WHITELIST now requires URI schemes, and optionally ports. This is \ part of the CORS specification (Section 3.2) that was not implemented in this \ library, except from with the CORS_ORIGIN_REGEX_WHITELIST setting. It fixes a \ security issue where the CORS middleware would allow requests between schemes, \ for example from insecure http:// Origins to a secure https:// site. You will need to update your whitelist to include schemes, for example from this: CORS_ORIGIN_WHITELIST = ['example.com'] ...to this: CORS_ORIGIN_WHITELIST = ['https://example.com'] Removed the CORS_MODEL setting, and associated class. It seems very few, or no \ users were using it, since there were no bug reports since its move to abstract \ in version 2.0.0 (2017-01-07). If you are using this functionality, you can \ continue by changing your model to not inherit from the abstract one, and add a \ signal handler for check_request_enabled that reads from your model. Note you'll \ need to handle the move to include schemes for Origins. |
| 2019-04-29 09:48:33 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django-cors-headers: updated to 2.5.3 2.5.3: * Tested on Django 2.2. No changes were needed for compatibility. * Tested on Python 3.7. No changes were needed for compatibility. |
| 2019-03-18 13:37:51 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django-cors-headers: updated to 2.5.2 2.5.2: * Improve inclusion of tests in sdist to ignore .pyc files. 2.5.1: * Include test infrastructure in sdist to allow consumers to use it. |
| 2019-03-10 16:27:07 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message: py-django-cors-headers: updated to 2.5.0 2.5.0: * Drop Django 1.8, 1.9, and 1.10 support. Only Django 1.11+ is supported now. |
| 2019-03-01 13:48:09 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django-cors-headers: updated to 2.4.1 2.4.1: * Fix DeprecationWarning from importing collections.abc.Sequence on Python 3.7. |
| 2018-07-24 08:32:48 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django-cors-headers: updated to 2.4.0 2.4.0: Always add 'Origin' to the 'Vary' header for responses to enabled URL's, to \ prevent caching of responses intended for one origin being served for another. |
| 2018-07-06 13:17:42 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django-cors-headers: updated to 2.3.0 2.3.0: Match CORS_URLS_REGEX to request.path_info instead of request.path, so the \ patterns can work without knowing the site's path prefix at configuration time. |
| 2018-03-02 12:34:29 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: py-django-cors-headers: updated to 2.2.0 2.2.0: Django 2.0 compatibility. Again there were no changes to the actual library \ code, so previous versions probably work. Ensured that request._cors_enabled is always a bool() - previously it could be \ set to a regex match object. |
New packages: