#30426: Make security headers default -------------------------------------+------------------------------------- Reporter: Adam (Chainz) | Owner: Adam Johnson | (Chainz) Johnson Type: New feature | Status: assigned Component: Core (Other) | Version: 2.2 Severity: Normal | Resolution: Keywords: | Triage Stage: Accepted Has patch: 1 | Needs documentation: 0 Needs tests: 0 | Patch needs improvement: 0 Easy pickings: 0 | UI/UX: 0 -------------------------------------+-------------------------------------
Comment (by Florian Apolloner): Replying to [comment:6 Claude Paroz]: > If this is only breaking sites in case of "bad" behavior, I guess we can live with a backwards incompatibility note in the release notes. It's not even technically backwards incompatible since you only get those settings when creating a new project, Adam did not set it in the global defaults. -- Ticket URL: <https://code.djangoproject.com/ticket/30426#comment:7> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-updates+unsubscr...@googlegroups.com. To post to this group, send email to django-updates@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-updates/068.1ab342e9a5d22cf7094af78c1fd7fded%40djangoproject.com. For more options, visit https://groups.google.com/d/optout.