#30426: Make security headers default
-------------------------------------+-------------------------------------
Reporter: Adam (Chainz) | Owner: Adam
Johnson | (Chainz) Johnson
Type: New feature | Status: assigned
Component: Core (Other) | Version: 2.2
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Florian Apolloner):
Replying to [comment:6 Claude Paroz]:
> If this is only breaking sites in case of "bad" behavior, I guess we can
live with a backwards incompatibility note in the release notes.
It's not even technically backwards incompatible since you only get those
settings when creating a new project, Adam did not set it in the global
defaults.
--
Ticket URL: <https://code.djangoproject.com/ticket/30426#comment:7>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/068.1ab342e9a5d22cf7094af78c1fd7fded%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
