Django 6.0 Ships Built-in Background Tasks and Native Content Security Policy Support

Django 6.0, released on January 15, 2026, delivers the most significant feature additions to the Python web framework in several major versions. The headline capability is a built-in Tasks framework for background processing, which eliminates the need for third-party task queues like Celery in many common use cases.

Built-in Background Tasks

The new Tasks framework provides a native mechanism for running background work within a Django application without requiring an external message broker or task queue. For years, Django developers who needed background processing — sending emails, processing uploaded files, generating reports, syncing with external APIs — had to install and configure Celery (or alternatives like Django-Q, Huey, or RQ), along with a message broker such as Redis or RabbitMQ. The infrastructure overhead of running a separate worker process and message broker added complexity that was disproportionate to many common background task use cases.

Django 6.0's built-in Tasks framework handles these common cases directly. Tasks are defined as decorated Python functions and executed by a worker process that ships with Django. For simple background operations — fire-and-forget email sends, webhook dispatches, file processing — the built-in framework is sufficient without any external dependencies. Complex workflows requiring distributed task execution, priority queues, or sophisticated retry logic will still benefit from dedicated tools like Celery, but the 80% case of simple background work is now handled out of the box.

Native Content Security Policy

Django 6.0 adds built-in Content Security Policy (CSP) support, automatically generating and enforcing CSP headers that protect against cross-site scripting (XSS) attacks. Previously, developers had to install third-party packages like django-csp to generate CSP headers. The built-in implementation integrates with Django's template engine and static file handling, automatically generating nonce values for inline scripts and stylesheets that are permitted by the policy.

Template Partials

A new template partials system adds {% partialdef %} and {% partial %} template tags, enabling reusable template fragments that can be defined once and included across multiple templates without the overhead of separate template files. Partials provide a middle ground between inline template code and full template inclusion — useful for small, repeated UI patterns like card components, badges, or notification snippets.

Other Changes

Django 6.0 drops support for Python 3.10 and 3.11, requiring Python 3.12 or later (with support for 3.13 and 3.14). Async pagination support allows paginated querysets to be evaluated asynchronously, improving performance for async Django views that serve paginated data. The email API received a modernization pass with a cleaner interface for constructing and sending messages.