Skip to content

Releases: qld-gov-au/ckanext-csrf-filter

2.0.0 Add CKAN 2.11 support and drop Python 2

17 Dec 05:20
ea1f143
Compare
Choose a tag to compare

What's Changed

  • [QOLDEV-983] update support to CKAN 2.11 by @ThrawnCA in #46
  • [QOLDEV-983] gracefully handle absent charset on Flask response by @ThrawnCA in #47
  • Develop to master - add CKAN 2.11 support and drop Python 2 by @ThrawnCA in #48

Full Changelog: 1.2.1...2.0.0

1.2.1 Fix SameSite on Python 2, exclude logout from filtering

18 Dec 01:42
9b62c2e
Compare
Choose a tag to compare

What's Changed

  • [QOLSVC-3914] exclude logout URL from CSRF protection by @ThrawnCA in #43
  • fix SameSite cookie attribute on older Werkzeug versions by @ThrawnCA in #45
  • Develop to main - don't require tokens on the logout URL by @ThrawnCA in #44

Full Changelog: 1.2.0...1.2.1

1.2.0 Add configuration options for SameSite and custom rules

12 Oct 05:53
e6ae5cc
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: 1.1.7...1.2.0

Fix failures on re-login

24 Mar 10:01
1.1.8
8d98a1b
Compare
Choose a tag to compare

What's Changed

  • [QOLSVC-1241] stop login page from being cached by @ThrawnCA in #33
  • Develop to master - fix CSRF errors on re-login by @ThrawnCA in #34

Full Changelog: 1.1.7...1.1.8

Support CKAN 2.10

14 Mar 05:45
f517a42
Compare
Choose a tag to compare

What's Changed

Full Changelog: 1.1.6...1.1.7

Fix Login CSRF handling on CKAN 2.9

05 Oct 06:10
1.1.6
8ba71bf
Compare
Choose a tag to compare

What's Changed

  • [QOL-9385] handle CKAN 2.9 path to Repoze form plugin by @ThrawnCA in #29
  • Develop to master - fix import path for CKAN 2.9 by @ThrawnCA in #30

Full Changelog: 1.1.5...1.1.6

Ensure Flask views are returned

27 Jul 00:56
e2b4987
Compare
Choose a tag to compare

What's Changed

Full Changelog: 1.1.4...1.1.5

Fix handling of slashes in URLs and usernames

17 Jun 03:45
d25531b
Compare
Choose a tag to compare

What's Changed

  • DC-31541 Fix API calls by @ThrawnCA in #23
  • [DC-31541] add testing of encoding handling with real Request by @ThrawnCA in #25

Full Changelog: 1.1.3...1.1.4

Don't try to inject tokens in emails

13 Apr 06:04
075d2ec
Compare
Choose a tag to compare

Skip token injection in rendering contexts where there is no response object, or the rendered template is not HTML.

What's Changed

  • Update imports to use full path by @markstuart in #15
  • [QOL-8392] gracefully handle contexts with no response object or non-HTML response type by @ThrawnCA in #21
  • Develop to master by @ThrawnCA in #22

Full Changelog: 1.1.2...1.1.3

Fix Python 3 string bugs

14 Jan 05:49
c3160eb
Compare
Choose a tag to compare

Fix handling of str vs bytes in Python 3