Port details |
- py-django-debreach Adds protection against the BREACH attack in Django
- 2.1.0 www =0 2.1.0Version of this port present on the latest quarterly branch.
- Maintainer: kai@FreeBSD.org
- Port Added: 2020-04-07 10:41:41
- Last Update: 2023-06-27 19:34:34
- Commit Hash: 3d9a815
- Also Listed In: python security
- License: BSD2CLAUSE
- WWW:
- https://github.com/lpomfrey/django-debreach
- Description:
- Basic/extra mitigation against the BREACH attack for Django projects.
django-debreach provides additional protection to Django's built in CSRF token
masking by randomizing the content length of each response.
This is achieved by adding a random string of between 12 and 25 characters as a
comment to the end of the HTML content. Note that this will only be applied to
responses with a content type of text/html.
- ¦ ¦ ¦ ¦
- Manual pages:
- FreshPorts has no man page information for this port.
- pkg-plist: as obtained via:
make generate-plist - There is no configure plist information for this port.
- Dependency lines:
-
- ${PYTHON_PKGNAMEPREFIX}django-debreach>0:www/py-django-debreach@${PY_FLAVOR}
- To install the port:
- cd /usr/ports/www/py-django-debreach/ && make install clean
- To add the package, run one of these commands:
- pkg install www/py-django-debreach
- pkg install py39-django-debreach
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above. NOTE: This is a Python port. Instead of py39-django-debreach listed in the above command, you can pick from the names under the Packages section.- PKGNAME: py39-django-debreach
- Package flavors (<flavor>: <package>)
- py39: py39-django-debreach
- distinfo:
- TIMESTAMP = 1642547128
SHA256 (django-debreach-2.1.0.tar.gz) = aeac9f43e0ea97830bed69cb309ad5746b5ed2b9dce733ac4c136c8e16a7d6e5
SIZE (django-debreach-2.1.0.tar.gz) = 15616
Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- py39-setuptools>=63.1.0 : devel/py-setuptools@py39
- python3.9 : lang/python39
- Test dependencies:
-
- py39-django32>0 : www/py-django32@py39
- python3.9 : lang/python39
- Runtime dependencies:
-
- py39-setuptools>=63.1.0 : devel/py-setuptools@py39
- python3.9 : lang/python39
- This port is required by:
- for Run
-
- www/py-horizon
Configuration Options:
- No options to configure
- Options name:
- www_py-django-debreach
- USES:
- python
- FreshPorts was unable to extract/find any pkg message
- Master Sites:
|
Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
2.1.0 27 Jun 2023 19:34:34 |
Rene Ladan (rene) |
all: remove explicit versions in USES=python for "3.x+"
The logic in USES=python will automatically convert this to 3.8+ by
itself.
Adjust two ports that only had Python 3.7 mentioned but build fine
on Python 3.8 too.
finance/quickfix: mark BROKEN with PYTHON
libtool: compile: c++ -DHAVE_CONFIG_H -I. -I../.. -I -I. -I.. -I../.. -I../C++
-DLIBICONV_PLUG -DPYTHON_MAJOR_VERSION=3 -Wno-unused-variable
-Wno-maybe-uninitialized -O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong
-fno-strict-aliasing -DLIBICONV_PLUG -Wall -ansi
-Wno-unused-command-line-argument -Wpointer-arith -Wwrite-strings
-Wno-overloaded-virtual -Wno-deprecated-declarations -Wno-deprecated -std=c++0x
-MT _quickfix_la-QuickfixPython.lo -MD -MP -MF
.deps/_quickfix_la-QuickfixPython.Tpo -c QuickfixPython.cpp -fPIC -DPIC -o
.libs/_quickfix_la-QuickfixPython.o
warning: unknown warning option '-Wno-maybe-uninitialized'; did you mean
'-Wno-uninitialized'? [-Wunknown-warning-option]
QuickfixPython.cpp:175:11: fatal error: 'Python.h' file not found
^~~~~~~~~~
1 warning and 1 error generated.
Reviewed by: portmgr, vishwin, yuri
Differential Revision: <https://reviews.freebsd.org/D40568> |
2.1.0 11 Jan 2023 15:58:34 |
Dmitry Marakasov (amdmi3) |
*/*: rename CHEESESHOP to PYPI in MASTER_SITES
PR: 267994
Differential revision: D37518
Approved by: bapt |
07 Sep 2022 21:58:51 |
Stefan Eßer (se) |
Remove WWW entries moved into port Makefiles
Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.
This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.
Approved by: portmgr (tcberner) |
2.1.0 07 Sep 2022 21:10:59 |
Stefan Eßer (se) |
Add WWW entries to port Makefiles
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above ) |
2.1.0 28 Apr 2022 10:02:15 |
Kai Knoblich (kai) |
www/py-django32: Switch consumers over to Django 3.2
Django 2.2 became End-of-Life on 11th April 2022 and Django 3.2 is the
new LTS (= Long Term Support) release which will be supported until
April 2024.
* Switch the most ports that use www/py-django22 to www/py-django32
* Switch www/seahub over to www/py-djangorestframework
* Ports that are not yet ready for Django 3.2 (only three so far) or
those that have already been set with an expiration date were not
taken into account.
* Bump PORTREVISION due dependency change where necessary.
PR: 261313
Reviewed by: bofh, dvl, koobs, ultima
Approved by: bofh, dvl, koobs, ultima, sunpoet, Kevin Golding, Ivan Rozhuk,
Alexander Sieg (maintainers)
maintainer timeout (remaining maintainers)
Differential Revision: https://reviews.freebsd.org/D34859 |
2.1.0 21 Jan 2022 19:00:59 |
Kai Knoblich (kai) |
www/py-django-debreach: Update to 2.1.0
Changelog:
https://github.com/lpomfrey/django-debreach/releases/tag/2.1.0 |
2.0.1 07 Apr 2021 08:09:01 |
Mathieu Arnold (mat) |
One more small cleanup, forgotten yesterday.
Reported by: lwhsu |
2.0.1 06 Apr 2021 14:31:07 |
Mathieu Arnold (mat) |
Remove # $FreeBSD$ from Makefiles. |
2.0.1 07 Apr 2020 10:41:35 |
kai |
[NEW PORT] www/py-django-debreach
Basic/extra mitigation against the BREACH attack for Django projects.
django-debreach provides additional protection to Django's built in CSRF token
masking by randomizing the content length of each response.
This is achieved by adding a random string of between 12 and 25 characters as a
comment to the end of the HTML content. Note that this will only be applied to
responses with a content type of text/html.
WWW: https://github.com/lpomfrey/django-debreach |