mirror of
https://github.com/django/django.git
synced 2024-12-22 17:16:24 +00:00
Fixed #31696 -- Updated OWASP links in docs.
This commit is contained in:
parent
3d664a158d
commit
a16080810b
@ -66,7 +66,7 @@ Single object mixins
|
||||
non-sequential arguments. Using a unique slug may serve the same
|
||||
purpose, but this scheme allows you to have non-unique slugs.
|
||||
|
||||
.. _insecure direct object reference: https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
|
||||
.. _insecure direct object reference: https://wiki.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
|
||||
|
||||
.. method:: get_object(queryset=None)
|
||||
|
||||
|
@ -860,7 +860,7 @@ Methods
|
||||
Use ``samesite='None'`` (string) to explicitly state that this cookie is
|
||||
sent with all same-site and cross-site requests.
|
||||
|
||||
.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
|
||||
.. _HttpOnly: https://owasp.org/www-community/HttpOnly
|
||||
.. _SameSite: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
||||
|
||||
.. versionchanged:: 3.1
|
||||
|
@ -3159,7 +3159,7 @@ vulnerability into full hijacking of a user's session. There aren't many good
|
||||
reasons for turning this off. Your code shouldn't read session cookies from
|
||||
JavaScript.
|
||||
|
||||
.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
|
||||
.. _HttpOnly: https://owasp.org/www-community/HttpOnly
|
||||
|
||||
.. setting:: SESSION_COOKIE_NAME
|
||||
|
||||
|
@ -314,7 +314,7 @@ requests. These include:
|
||||
* Support for combining :class:`F expressions <django.db.models.F>`
|
||||
with ``timedelta`` values when retrieving or updating database values.
|
||||
|
||||
.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
|
||||
.. _HttpOnly: https://owasp.org/www-community/HttpOnly
|
||||
|
||||
.. _backwards-incompatible-changes-1.3:
|
||||
|
||||
|
@ -294,5 +294,5 @@ security protection of the Web server, operating system and other components.
|
||||
pages also include security principles that apply to any system.
|
||||
|
||||
.. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
|
||||
.. _Top 10 list: https://www.owasp.org/index.php/Top_10-2017_Top_10
|
||||
.. _Top 10 list: https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/
|
||||
.. _web security: https://infosec.mozilla.org/guidelines/web_security.html
|
||||
|
Loading…
Reference in New Issue
Block a user