* Include HTML and textual files in the package. * Delete "Authorization" header when it is used by the middleware. * Use CF-Connecting-IP HTTP header for checking the client's IP address. * Add `BASIC_AUTH_WHITELISTED_PATHS` setting.
0.3a0
Not secure
~~~~~~~~~~~~~~~~~~~~~~~~~~~
* Don't crash on wrong authorization header format. * Add support for old-fashioned MIDDLEWARE_CLASSES. * Add overall Django 1.8, 1.9, 1.10 and 1.11 support.
0.2.1
Not secure
~~~~~~~~~~~~~~~~~~~~~~
* Use HttpRequest.get_host instead of HTTP_HOST.
0.2
Not secure
~~~~~~~~~~~~~~~~~~~
* Add HTTP host header whitelist (``BASIC_AUTH_RESPONSE_TEMPLATE``). * Add the ``BASIC_AUTH_REALM`` setting. * Add the ``BASIC_AUTH_RESPONSE_TEMPLATE`` setting. * Add the ``BASIC_AUTH_RESPONSE_CLASS`` setting. * Add an option to skip the middleware by setting ``_skip_basic_auth_ip_whitelist_middleware_check`` attribute on the request.