Django ドキュメント

Home | Table of contents | Index | Modules

« previous | up | next »

検索

advanced help

phrase: max: 10 20 30 40 50 60 70 80 90 100 clip: -- 0.9 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 file dir serv

target: order:

Results of 11 - 20 of about 94 for header (0.034 sec.)

Django 1.4.3 release notes — Django 4.0.6 ドキュメント 8420

" + tagname + " "); } }); $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { va ... of potential problems from multiple sources. Host header poisoning ¶ Several earlier Django security releas ... es focused on the issue of poisoning the HTTP Host header, causing Django to generate URLs pointing to arbit ... ase, we're taking additional steps to tighten Host header validation. Rather than attempt to accommodate all ... features HTTP supports here, Django's Host header validation attempts to support a smaller, but far ...

https://man.plustar.jp/django/releases/1.4.3.html - [similar]

Django 1.6.5 release notes — Django 4.0.6 ドキュメント 8368

" + tagname + " "); } }); $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { va ... ng Django sessions, Django will set a Vary: Cookie header to ensure caches do not serve cached data to reque ... Windows Server 2003) are unable to handle the Vary header in combination with many content types. Therefore, ... Django would remove the header if the request was made by Internet Explorer. To r ... t Explorer versions has been removed, and the Vary header is no longer stripped from the response. In additi ...

https://man.plustar.jp/django/releases/1.6.5.html - [similar]

Django 1.7.3 release notes — Django 4.0.6 ドキュメント 8315

" + tagname + " "); } }); $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { va ... es several security issues and bugs in 1.7.2. WSGI header spoofing via underscore/dash conflation ¶ When HTT ... P headers are placed into the WSGI environ, they are normal ... nderscores, and prepending HTTP_ . For instance, a header X-Auth-User would become HTTP_X_AUTH_USER in the W ... s that the WSGI environ cannot distinguish between headers containing dashes and headers containing undersco ...

https://man.plustar.jp/django/releases/1.7.3.html - [similar]

Django Utils — Django 4.0.6 ドキュメント 8156

" + tagname + " "); } }); $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { va ... ling HTTP caching. It does so by managing the Vary header of responses. It includes functions to patch the h ... ly and decorators that change functions to do that header-patching themselves. For information on the Vary h ... FC 7231#section-7.1.4 . Essentially, the Vary HTTP header defines which headers a cache should take into acc ... che key. Requests with the same path but different header content for headers named in Vary need to get diff ...

https://man.plustar.jp/django/ref/utils.html - [similar]

Django 1.4.18 release notes — Django 4.0.6 ドキュメント 8117

" + tagname + " "); } }); $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { va ... gression on Python 2.5 in the 1.4.17 release. WSGI header spoofing via underscore/dash conflation ¶ When HTT ... P headers are placed into the WSGI environ, they are normal ... nderscores, and prepending HTTP_ . For instance, a header X-Auth-User would become HTTP_X_AUTH_USER in the W ... s that the WSGI environ cannot distinguish between headers containing dashes and headers containing undersco ...

https://man.plustar.jp/django/releases/1.4.18.html - [similar]

Django 1.6.10 release notes — Django 4.0.6 ドキュメント 8117

" + tagname + " "); } }); $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { va ... .6.10 fixes several security issues in 1.6.9. WSGI header spoofing via underscore/dash conflation ¶ When HTT ... P headers are placed into the WSGI environ, they are normal ... nderscores, and prepending HTTP_ . For instance, a header X-Auth-User would become HTTP_X_AUTH_USER in the W ... s that the WSGI environ cannot distinguish between headers containing dashes and headers containing undersco ...

https://man.plustar.jp/django/releases/1.6.10.html - [similar]

Django 1.3.6 release notes — Django 4.0.6 ドキュメント 7813

" + tagname + " "); } }); $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { va ... ix/security release in the Django 1.3 series. Host header poisoning ¶ Some parts of Django -- independent of ... omain name, which are generated from the HTTP Host header. Django's documentation has for some time containe ... nfigure web servers to ensure that only valid Host headers can reach the Django application. However, it has ... tion with an incorrect and possibly malicious Host header. For this reason, Django 1.3.6 adds a new setting, ...

https://man.plustar.jp/django/releases/1.3.6.html - [similar]

Django 1.4.4 release notes — Django 4.0.6 ドキュメント 7708

" + tagname + " "); } }); $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { va ... ix/security release in the Django 1.4 series. Host header poisoning ¶ Some parts of Django -- independent of ... omain name, which are generated from the HTTP Host header. Django's documentation has for some time containe ... nfigure web servers to ensure that only valid Host headers can reach the Django application. However, it has ... tion with an incorrect and possibly malicious Host header. For this reason, Django 1.4.4 adds a new setting, ...

https://man.plustar.jp/django/releases/1.4.4.html - [similar]

Django 2.2.22 release notes — Django 4.0.6 ドキュメント 7549

" + tagname + " "); } }); $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { va ... fixes a security issue in 2.2.21. CVE-2021-32052: Header injection possibility since URLValidator accepted ... h newlines in HTTP response, you could suffer from header injection attacks. Django itself wasn't vulnerable ... because HttpResponse prohibits newlines in HTTP headers. Moreover, the URLField form field which uses URL ... . 目次 Django 2.2.22 release notes CVE-2021-32052: Header injection possibility since URLValidator accepted ...

https://man.plustar.jp/django/releases/2.2.22.html - [similar]

Django 3.1.10 release notes — Django 4.0.6 ドキュメント 7549

" + tagname + " "); } }); $("div.highlight\\-html\\+django span.nf").each(function(i, elem) { va ... 0 fixes a security issue in 3.1.9. CVE-2021-32052: Header injection possibility since URLValidator accepted ... h newlines in HTTP response, you could suffer from header injection attacks. Django itself wasn't vulnerable ... because HttpResponse prohibits newlines in HTTP headers. Moreover, the URLField form field which uses URL ... . 目次 Django 3.1.10 release notes CVE-2021-32052: Header injection possibility since URLValidator accepted ...

https://man.plustar.jp/django/releases/3.1.10.html - [similar]

PREV 1 2 3 4 5 6 7 8 9 10 NEXT