19 Commits

Author SHA1 Message Date
Thomas Waldmann
70ab452484 point out MITM risk when not using https for querying the IP 2014-11-15 16:05:29 +01:00
Thomas Waldmann
1697941ad0 update / improve docs 2014-11-15 15:46:14 +01:00
Thomas Waldmann
63c1cdbe6b remove support for django 1.5.x, stuff not needed any more when requiring >= 1.6 2014-09-26 02:25:08 +02:00
Thomas Waldmann
4bb8301142 docs: explain why we auto-generate random update passwords 2014-09-17 00:08:30 +02:00
Thomas Waldmann
b6db7a33d8 use django's clickjacking protection middleware 2014-08-28 13:18:08 +02:00
Thomas Waldmann
d47793b71c s/WE_HAVE_SSL/WE_HAVE_TLS/g
SSL is the old/outdated name. Since 1999, it's called TLS.

Changed the name of the configuration setting.
2014-05-30 01:18:50 +02:00
Thomas Waldmann
46008bf2cd s/SSL/TLS/g (almost)
SSL is the old/outdated name. Since 1999, it's called TLS.

In this changeset, I did the mostly harmless changes (UI, logs, docs).
2014-05-30 01:10:33 +02:00
Thomas Waldmann
0772874ead docs update about "update other services" feature 2013-11-29 11:30:14 +01:00
Thomas Waldmann
4589dd512b fix session cookie behaviour to be more private for not logged-in users, fixes #96
the bug was that it used a permanent cookie for not logged-in users and only switched it to
a session cookie when you logged in (and did not check the remember me checkbox).

now it uses (non-permanent) session cookies by default and switches to the permanent cookie
only if you tell so when logging in and checking that checkbox.
2013-11-28 09:14:16 +01:00
Thomas Waldmann
dd09b6b5af nameserver update key / secret terminology cleanup
key = secret + algorithm
2013-11-24 05:04:07 +01:00
Thomas Waldmann
fe96c21592 clarify how the SECRET_KEY is set up, we don't have a builtin (not secret) SECRET_KEY any more 2013-11-17 02:08:02 +01:00
Thomas Waldmann
89e18d9d65 document how cookies are used depending on the "keep me logged in" checkbox state 2013-11-16 05:14:03 +01:00
Thomas Waldmann
0d2184037a docs enhancements 2013-11-08 01:52:52 +01:00
Thomas Waldmann
f12539aee8 document local vs. remote account login 2013-11-03 21:13:08 +01:00
Thomas Waldmann
52c2916215 add docs about secure cookies 2013-11-03 10:19:05 +01:00
Thomas Waldmann
7a99935597 use json serializer for sessions, change timestamps' data type, more security docs
json serializer can't serialize datetime (but integers), but is more safe than the pickle serializer.
2013-11-03 09:52:11 +01:00
Thomas Waldmann
5cd14a9cd3 update security docs 2013-11-03 09:15:51 +01:00
Thomas Waldmann
24ad97c0ef document cookie usage, warn about domain cookies 2013-10-05 16:24:45 +02:00
Thomas Waldmann
aa3fb3c746 add security documentation 2013-10-04 00:28:28 +02:00