File: CHANGELOG

package info (click to toggle)
django-session-security 2.6.6%2Bdfsg-1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, bullseye, sid
  • size: 636 kB
  • sloc: javascript: 6,675; python: 589; makefile: 133
file content (117 lines) | stat: -rw-r--r-- 3,475 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
2.6.6 Django 3.0 support

And test fix, by @jsm222, big thanks !!

2.6.1 #113: Check if session expired on activity by @rbntimes

2.6.0 Release

2.6.0-rc1

    #103: Django 2.0 urlresolvers import fix by @Ruffle0
    #98: Call is_authenticated property instead of function for Django 2.0 by @tpeaton
    #105: Ensure setTimeout() millisecond parameter doesn't exceed max value by @abottc
    Polish translation update by @mpasternak

2.5.1

   - #90: add SESSION_SECURITY_PASSIVE_URL_NAMES setting

2.5.0

    - #79 remove compiled binary from source to comply with Debian source code
      repository policy by @nirgal
    - #81 support django 1.10 by @eriktelepovsky
    - #84 a11y support to modal dialog by @lynnco
    - #85 support for mobile device activity by @kalekseev
    - #88 dutch translation update by @rdekker1
    - #91 test django 1.11 and 2.0 instead of 1.7 by @jpic

2.4.0

    - #75 Fix vulnerability when SESSION_EXPIRE_AT_BROWSER_CLOSE is off
    - #77 Crash if SESSION_EXPIRE_AT_BROWSER_CLOSE is off
    - #78 Update test matrix to have Django 1.10 + master instead of just
      master
    - #74 Created security mailing list

    Thanks @ClaytonDelay for contacting about the issue.
    Note that if you don't have SESSION_EXPIRE_AT_BROWSER_CLOSE=True in your
    settings, then the project won't start unless you set
    SESSION_SECURITY_INSECURE=True, which you shouldn't.

2.3.3 #69: Encode response to JSON by Tatsh

2.3.2

    - #58: Allow for custom expiration based on request (#65) by @mjschultz

2.3.1

    - #57: added redirectTo parameter to the script by Andrei Coman
    - test stabilization with django-sbo-selenium
    - Django 1.10 support

2.3.0 Deprecate support for Django < 1.6

2.2.5 #56: Dj19 support by @eriktelepovsky

2.2.4 #43: Throttle lastActivity updates to once per second by @cuu508

2.2.3 #31: Removed a .mo file

2.2.2

    - #21: Polish translation
    - #23: French translation fix
    - #26: Fix an edge bug discovered in multithreaded environments
    - #30: Use reverse_lazy in settings.py
    - Added to AUTHORS: @mschettler, @mattbo, @nirgal, @mpasternak

2.2.1: #24: Center the modal on the viewport

2.2.0: Pre-build .mo.

2.1.7 #19: Use consistent formatting for the datetime. Fixes random failures in
      test suites. By Scott Sexton.

2.1.6 #18: Spanish translation

2.1.5 #17: Fix l10n error with long numbers @jacoor

2.1.4 #13: Fix clock sync problems by @krillr

2.1.3 Added Brazilian Portuguese Translation

2.1.2 Use {% static %} instead of {{ STATIC_URL }} in all.html

2.1.1

    - Fixed AUTHORS,
    - Added utils to full documentation.
    - Promoted to Production/Stable.

2.1.0

    - Django 1.5 and 1.6 support.
    - Fix #6: Internet Explorer 8 support.
    - Python 3.3 support.
    - Minor BC break: we can't set datetime objects directly in the session
      since django 1.6. Instead, we go through session_security.utils functions
      get_last_activity() and set_last_activity(). If you were touching
      session['_session_security'] directly, you should update your code to use
      those functions.

2.0.6 Fix #5: Make the list of event types to monitor an option.

2.0.5 Removed more debug statements.

2.0.4 Fix #4: Removed debug statement.

2.0.3 Unset data-dirty on form submit, to prevent onbeforeunload.

2.0.2 Added confirmFormDiscard and onbeforeunload handler.

2.0.1 Traded POST ping request for a GET ping request, removed CSRF code.

2.0.0 Rewrite with unit tests.