{ "info": { "author": "Adam Johnson", "author_email": "me@adamj.eu", "bugtrack_url": null, "classifiers": [ "Development Status :: 5 - Production/Stable", "Framework :: Django :: 1.11", "Framework :: Django :: 2.0", "Framework :: Django :: 2.1", "Framework :: Django :: 2.2", "Intended Audience :: Developers", "License :: OSI Approved :: ISC License (ISCL)", "Natural Language :: English", "Operating System :: OS Independent", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7" ], "description": "django-feature-policy\n=====================\n\n.. image:: https://img.shields.io/travis/adamchainz/django-feature-policy/master.svg\n :target: https://travis-ci.org/adamchainz/django-feature-policy\n\n.. image:: https://img.shields.io/pypi/v/django-feature-policy.svg\n :target: https://pypi.python.org/pypi/django-feature-policy\n\n.. image:: https://img.shields.io/badge/code%20style-black-000000.svg\n :target: https://github.com/python/black\n\nSet the draft security HTTP header ``Feature-Policy`` on your Django app.\n\nRequirements\n------------\n\nPython 3.5-3.7 supported.\n\nDjango 1.11-2.2 supported.\n\nInstallation\n------------\n\nInstall with **pip**:\n\n.. code-block:: sh\n\n pip install django-feature-policy\n\nThen add the middleware, best after Django's ``SecurityMiddleware`` as it does\nsimilar addition of security headers that you'll want on every response:\n\n.. code-block:: python\n\n MIDDLEWARE = [\n ...\n 'django.middleware.security.SecurityMiddleware',\n 'django_feature_policy.FeaturePolicyMiddleware',\n ...\n ]\n\nBy default no header will be set, configure the setting as below.\n\nSetting\n-------\n\nChange the ``FEATURE_POLICY`` setting to configure what ``Feature-Policy``\nheader gets set.\n\nThis should be a dictionary laid out with:\n\n* Keys as the names of browser features - a full list is available on the\n `W3 Spec repository`_. The `MDN article`_ is also worth reading.\n* Values as lists of strings, where each string is either an origin, e.g.\n ``'https://example.com'``, or of the special values ``'self'``, ``'none'``,\n or ``'*'``. If there is just one value, no containing list is necessary. Note\n that in the header, special values like ``'none'`` include single quotes\n around them - do not include these quotes in your Python string, they will be\n added by the middleware.\n\n.. _W3 Spec repository: https://github.com/w3c/webappsec-feature-policy/blob/master/features.md\n.. _MDN article: https://developer.mozilla.org/en-US/docs/Web/HTTP/Feature_Policy#Browser_compatibility\n\nIf the keys or values are invalid, ``ImproperlyConfigured`` will be raised at\ninstantiation time, or when processing a response. The current feature list is\npulled from the JavaScript API with\n``document.featurePolicy.allowedFeatures()`` on Chrome.\n\nExamples\n~~~~~~~~\n\nDisable geolocation from running in the current page and any iframe:\n\n.. code-block:: python\n\n FEATURE_POLICY = {\n 'geolocation': 'none',\n }\n\nAllow autoplay from the current origin and iframes from\n``https://archive.org``:\n\n.. code-block:: python\n\n FEATURE_POLICY = {\n 'autoplay': ['self', 'https://archive.org'],\n }\n\n\nHistory\n=======\n\nPending release\n---------------\n\n.. Insert new release notes below this line\n\n3.0.0 (2019-08-02)\n------------------\n\n* Updated to the latest set of features from Chrome. This removes\n 'legacy-image-formats' and 'unoptimized-images', and adds 17 new features:\n 'downloads-without-user-activation', 'focus-without-user-activation',\n 'forms', 'hid', 'idle-detection', 'loading-frame-default-eager', 'modals',\n 'orientation-lock', 'pointer-lock', 'popups', 'presentation', 'scripts',\n 'serial', 'top-navigation', 'unoptimized-lossless-images',\n 'unoptimized-lossless-images-strict' and 'unoptimized-lossy-images'. Note\n that most of these are still experimental as can be seen on the [W3C feature\n list](https://github.com/w3c/webappsec-feature-policy/blob/master/features.md).\n\n* Stop marking the distributed wheel as universal. Python 2 was never supported\n so the wheel was never actually universal.\n\n2.3.0 (2019-05-19)\n------------------\n\n* Update Python support to 3.5-3.7, as 3.4 has reached its end of life.\n\n* Make the generated header deterministic by iterating the settings dict in\n sorted order.\n\n* Support Django 1.11 for completeness.\n\n2.2.0 (2019-05-08)\n------------------\n\n* Fix interpretation of '*' by not automatically adding quotes.\n* Optimize header generation to reduce impact on every request.\n\n2.1.0 (2019-04-28)\n------------------\n\n* Tested on Django 2.2. No changes were needed for compatibility.\n\n2.0.0 (2019-03-29)\n------------------\n\n* Updated to the latest set of features from Chrome.\n 'animations', 'image-compression', and 'max-downscaling-image' have been\n removed, whilst 'document-domain', 'font-display-late-swap',\n 'layout-animations', 'oversized-images', 'unoptimized-images', and\n 'wake-lock' have been added.\n See more at https://github.com/w3c/webappsec-feature-policy/blob/master/features.md .\n\n1.0.1 (2019-01-02)\n------------------\n\n* Support for new 'lazyload' feature, per https://www.chromestatus.com/feature/5641405942726656.\n\n1.0.0 (2018-10-24)\n------------------\n\n* First release, supporting adding the header with a middleware.\n\n\n", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/adamchainz/django-feature-policy", "keywords": "Django", "license": "ISC", "maintainer": "", "maintainer_email": "", "name": "django-feature-policy", "package_url": "https://pypi.org/project/django-feature-policy/", "platform": "", "project_url": "https://pypi.org/project/django-feature-policy/", "project_urls": { "Homepage": "https://github.com/adamchainz/django-feature-policy" }, "release_url": "https://pypi.org/project/django-feature-policy/3.0.0/", "requires_dist": [ "Django (>=1.11)" ], "requires_python": ">=3.5", "summary": "Set the draft security HTTP header Feature-Policy on your Django app.", "version": "3.0.0" }, "last_serial": 5622989, "releases": { "1.0.0": [ { "comment_text": "", "digests": { "md5": "31f20d5f27cc5a3fad0f7b3d50fb7389", "sha256": "f8285ed04dccf7e2384f8342a29c816561eabba7a4c7de84c079b1f7f4b28e54" }, "downloads": -1, "filename": "django_feature_policy-1.0.0-py2.py3-none-any.whl", "has_sig": true, "md5_digest": "31f20d5f27cc5a3fad0f7b3d50fb7389", "packagetype": "bdist_wheel", "python_version": "3.7", "requires_python": null, "size": 4016, "upload_time": "2018-10-24T14:23:41", "url": "https://files.pythonhosted.org/packages/3b/ed/a1c3f94524fb4cf26c358a03f7c49d2321cc0dc0c98ad051dc26c6ef4306/django_feature_policy-1.0.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "4927b5a203d4d6e81af468693a10f60d", "sha256": "bcb3022da220cd6e97265716defc1fe06500d62ddf556ea49ca122739bef54d0" }, "downloads": -1, "filename": "django-feature-policy-1.0.0.tar.gz", "has_sig": true, "md5_digest": "4927b5a203d4d6e81af468693a10f60d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5037, "upload_time": "2018-10-24T14:23:39", "url": "https://files.pythonhosted.org/packages/df/f3/9b326ee6d341791b3d9d079cc510cab5a5c67e4c370ae658afb268323240/django-feature-policy-1.0.0.tar.gz" } ], "1.0.1": [ { "comment_text": "", "digests": { "md5": "9d400ec7e04cf6eeb1ae4ff79405c28e", "sha256": "b51264198777ebd4c9ed7489d6c2aa513ddef000866aef37bbb76cb55bae8835" }, "downloads": -1, "filename": "django_feature_policy-1.0.1-py2.py3-none-any.whl", "has_sig": true, "md5_digest": "9d400ec7e04cf6eeb1ae4ff79405c28e", "packagetype": "bdist_wheel", "python_version": "3.7", "requires_python": null, "size": 4177, "upload_time": "2019-01-02T20:32:33", "url": "https://files.pythonhosted.org/packages/56/e5/927dce9b349b1bfe8f5e328871d971979c94105d7766ab3c0c75787bfd56/django_feature_policy-1.0.1-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "ac551fe050ab598f7b350271315a41e7", "sha256": "171fd6a48afa232617dfaa64239f03c4808c4eb617a2d4f995c5d1e564ec6803" }, "downloads": -1, "filename": "django-feature-policy-1.0.1.tar.gz", "has_sig": true, "md5_digest": "ac551fe050ab598f7b350271315a41e7", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5228, "upload_time": "2019-01-02T20:32:30", "url": "https://files.pythonhosted.org/packages/48/83/26ac104d092be9754ac24a34b0072dfa775c74b36a6db55413a7678b4bbd/django-feature-policy-1.0.1.tar.gz" } ], "2.0.0": [ { "comment_text": "", "digests": { "md5": "df84efb935726cdf78f81f1048b82bcc", "sha256": "be54a6732d731ee852ae1aa87fb1efd7e6e1037945f91e2ce914259edc7c429e" }, "downloads": -1, "filename": "django_feature_policy-2.0.0-py2.py3-none-any.whl", "has_sig": true, "md5_digest": "df84efb935726cdf78f81f1048b82bcc", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=3.4", "size": 4441, "upload_time": "2019-03-29T10:43:38", "url": "https://files.pythonhosted.org/packages/3c/92/85beae2c03b22673eaa44bc231e20af2efc9a77dd7691bd5c1493fd2dbc2/django_feature_policy-2.0.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "aed87fdec8336ea7e3fc973e8ee7b799", "sha256": "6b4d0ac8738cd66229d7c224e79280aa84bc36ba1be3451a84e2be1f69f0c958" }, "downloads": -1, "filename": "django-feature-policy-2.0.0.tar.gz", "has_sig": true, "md5_digest": "aed87fdec8336ea7e3fc973e8ee7b799", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.4", "size": 5393, "upload_time": "2019-03-29T10:43:40", "url": "https://files.pythonhosted.org/packages/be/d0/0121b75345c01d12cd5d0490ba84ca1e44cc66599c4f2d381669e0e7c157/django-feature-policy-2.0.0.tar.gz" } ], "2.1.0": [ { "comment_text": "", "digests": { "md5": "002aac268e4708ad2b925317b18139d9", "sha256": "1eec208b809400805888103997c26629ee14b7baac6eddc864eb3b41e5d432e3" }, "downloads": -1, "filename": "django_feature_policy-2.1.0-py2.py3-none-any.whl", "has_sig": true, "md5_digest": "002aac268e4708ad2b925317b18139d9", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=3.4", "size": 4492, "upload_time": "2019-04-28T22:49:38", "url": "https://files.pythonhosted.org/packages/31/35/6d6cc167386cbfa8340359d71267c88188cc22655b6a531df1e2a57d85ad/django_feature_policy-2.1.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "5bf3f93262d2c315710e9cb3dd7a43e3", "sha256": "fe1ff256a7d2db092db0126db49366ea5640caf64fc366fba188e8c50fa31856" }, "downloads": -1, "filename": "django-feature-policy-2.1.0.tar.gz", "has_sig": true, "md5_digest": "5bf3f93262d2c315710e9cb3dd7a43e3", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.4", "size": 5519, "upload_time": "2019-04-28T22:49:41", "url": "https://files.pythonhosted.org/packages/f8/45/5d52952957194b0e025cd1ae72f89ca80fac9ade9cff52580abb285798e1/django-feature-policy-2.1.0.tar.gz" } ], "2.2.0": [ { "comment_text": "", "digests": { "md5": "dc06c3816c4083fb3072adb4e0d44d84", "sha256": "2b15e9c0de4f37c580eebccda2be1e71627ab5f6bb766d5dcabf53d3f7e7fa4d" }, "downloads": -1, "filename": "django_feature_policy-2.2.0-py2.py3-none-any.whl", "has_sig": true, "md5_digest": "dc06c3816c4083fb3072adb4e0d44d84", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=3.4", "size": 4701, "upload_time": "2019-05-08T10:39:55", "url": "https://files.pythonhosted.org/packages/a1/84/8dce113c5c6bdd1248b1a43614fc980ea01101fb339efa44f91c3f72ecb7/django_feature_policy-2.2.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "a2168b10f4ecf7f159af8219a219c5ba", "sha256": "bbd04c8ab7cd5ea3bdb1fd8aecadaf53aabee5e074a7e5623702b92a67a13c1f" }, "downloads": -1, "filename": "django-feature-policy-2.2.0.tar.gz", "has_sig": true, "md5_digest": "a2168b10f4ecf7f159af8219a219c5ba", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.4", "size": 5856, "upload_time": "2019-05-08T10:39:57", "url": "https://files.pythonhosted.org/packages/ed/b6/d7dfe7ba2c4c4ce55ce75822aadfce60c18bdf7843bfec52525303351cc3/django-feature-policy-2.2.0.tar.gz" } ], "2.3.0": [ { "comment_text": "", "digests": { "md5": "fbfc3ef26ca5625202f368c3e00fdcf9", "sha256": "cb1f173cacaacb5ac83bd652622bc2601721d1ad21a5ad5cbc6c6989b30e8132" }, "downloads": -1, "filename": "django_feature_policy-2.3.0-py2.py3-none-any.whl", "has_sig": true, "md5_digest": "fbfc3ef26ca5625202f368c3e00fdcf9", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": ">=3.5", "size": 4785, "upload_time": "2019-05-19T11:01:10", "url": "https://files.pythonhosted.org/packages/08/fb/3b7889117121c4bb61ad2fe50995c71d0cee222d9e4efa56e02691eeb60c/django_feature_policy-2.3.0-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "d3c749b4a234eecf2ee1e06e1645426f", "sha256": "7478abb88f20e7ad96367fd6e0468809d8250bbca52a70519702257f4e233569" }, "downloads": -1, "filename": "django-feature-policy-2.3.0.tar.gz", "has_sig": true, "md5_digest": "d3c749b4a234eecf2ee1e06e1645426f", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5", "size": 5964, "upload_time": "2019-05-19T11:01:12", "url": "https://files.pythonhosted.org/packages/c9/f2/228f9ac38d780a064ad654c29789de2ce5c245c0d854e94c6e099684871d/django-feature-policy-2.3.0.tar.gz" } ], "3.0.0": [ { "comment_text": "", "digests": { "md5": "72957fcf0dce18937d7b5f1eeb3e0492", "sha256": "9300ea9860c7b4808463aedb7280ceeebd7fb3a304098e9c3c05e633fba1dd3f" }, "downloads": -1, "filename": "django_feature_policy-3.0.0-py3-none-any.whl", "has_sig": true, "md5_digest": "72957fcf0dce18937d7b5f1eeb3e0492", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5", "size": 5251, "upload_time": "2019-08-02T10:03:56", "url": "https://files.pythonhosted.org/packages/29/2a/5e74e6cd2996cbe159462c19dbc259ca4c0f8004ea457d438cb37e886e50/django_feature_policy-3.0.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "3948527b163a2e43fe39dc222c2d7170", "sha256": "ad80458672ea3ae69577b0867b239b67bd659b939323bdd7456dd1b919163689" }, "downloads": -1, "filename": "django-feature-policy-3.0.0.tar.gz", "has_sig": true, "md5_digest": "3948527b163a2e43fe39dc222c2d7170", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5", "size": 6558, "upload_time": "2019-08-02T10:03:58", "url": "https://files.pythonhosted.org/packages/5c/ec/a2e0627c5e978932f30ee8466f01c66ab30d48ff99f62c3bd12742456b58/django-feature-policy-3.0.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "72957fcf0dce18937d7b5f1eeb3e0492", "sha256": "9300ea9860c7b4808463aedb7280ceeebd7fb3a304098e9c3c05e633fba1dd3f" }, "downloads": -1, "filename": "django_feature_policy-3.0.0-py3-none-any.whl", "has_sig": true, "md5_digest": "72957fcf0dce18937d7b5f1eeb3e0492", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5", "size": 5251, "upload_time": "2019-08-02T10:03:56", "url": "https://files.pythonhosted.org/packages/29/2a/5e74e6cd2996cbe159462c19dbc259ca4c0f8004ea457d438cb37e886e50/django_feature_policy-3.0.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "3948527b163a2e43fe39dc222c2d7170", "sha256": "ad80458672ea3ae69577b0867b239b67bd659b939323bdd7456dd1b919163689" }, "downloads": -1, "filename": "django-feature-policy-3.0.0.tar.gz", "has_sig": true, "md5_digest": "3948527b163a2e43fe39dc222c2d7170", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5", "size": 6558, "upload_time": "2019-08-02T10:03:58", "url": "https://files.pythonhosted.org/packages/5c/ec/a2e0627c5e978932f30ee8466f01c66ab30d48ff99f62c3bd12742456b58/django-feature-policy-3.0.0.tar.gz" } ] }