Mateusz Mandera 13c3eaf086 rate_limit: Restrict tornado backend to explicitly specified domains. ...

This will protect us in case of some kinds of bugs that could allow
making requests such as password authentication attempts to tornado.
Without restricting the domains to which the in-memory backend can
be applied, such bugs would lead to attackers having multiple times
larger rate limits for these sensitive requests.

2020-05-25 15:40:00 -07:00

..

jinja2

static: Serve webpack bundles from the root domain.

2020-04-10 00:48:02 -07:00

__init__.py

…

backends.py

auth: Log when a user tries to login with deactivated account.

2020-05-24 17:27:19 -07:00

config.py

python: Modernize legacy Python 2 syntax with pyupgrade.

2020-04-09 16:43:22 -07:00

default_settings.py

landing: Add option to show custom navbar message.

2020-05-24 17:34:03 -07:00

dev_settings.py

landing: Add option to show custom navbar message.

2020-05-24 17:34:03 -07:00

dev_urls.py

static: Serve webpack bundles from the root domain.

2020-04-10 00:48:02 -07:00

email_backends.py

logging: Pass format arguments to logging.

2020-05-02 10:18:02 -07:00

legacy_urls.py

urls: Migrate legacy urls to use modern django pattern.

2020-05-07 16:33:03 -07:00

prod_settings_template.py

saml: Implement limiting of IdP to specified realms.

2020-04-16 17:04:08 -07:00

settings.py

rate_limit: Restrict tornado backend to explicitly specified domains.

2020-05-25 15:40:00 -07:00

slack_importer_test_settings.py

settings: Migrate test settings to modern postgres backend name.

2019-01-23 17:08:24 -08:00

terms.md.template

…

test_settings.py

queue_processors: Remove the slow_queries queue.

2020-05-11 00:45:13 -07:00

urls.py

portico: Add draft /for/research page.

2020-05-20 17:20:27 -07:00

wsgi.py

setup_path_on_import: Replace with setup_path function.

2020-02-25 15:40:21 -08:00