[Django] #36206: Issues in the Existing SecurityMiddleware Code 1. Incorrect use of response.setdefault() instead of response.headers.setdefault() 2. In the process_request() method, HTTPS redirection is done While this works, %-formatting is less readable and slightly less performant than modern alternatives like f-strings 3. Preventing Overwriting of Existing Headers
#36206: Issues in the Existing SecurityMiddleware Code 1. Incorrect use of response.setdefault()