1
0
mirror of https://github.com/django/django.git synced 2024-12-23 01:25:58 +00:00

Fixed #31696 -- Updated OWASP links in docs.

This commit is contained in:
Hasan Ramezani 2020-06-15 09:44:08 +02:00 committed by GitHub
parent 3d664a158d
commit a16080810b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 5 additions and 5 deletions

View File

@ -66,7 +66,7 @@ Single object mixins
non-sequential arguments. Using a unique slug may serve the same
purpose, but this scheme allows you to have non-unique slugs.
.. _insecure direct object reference: https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
.. _insecure direct object reference: https://wiki.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
.. method:: get_object(queryset=None)

View File

@ -860,7 +860,7 @@ Methods
Use ``samesite='None'`` (string) to explicitly state that this cookie is
sent with all same-site and cross-site requests.
.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
.. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. _SameSite: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
.. versionchanged:: 3.1

View File

@ -3159,7 +3159,7 @@ vulnerability into full hijacking of a user's session. There aren't many good
reasons for turning this off. Your code shouldn't read session cookies from
JavaScript.
.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
.. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. setting:: SESSION_COOKIE_NAME

View File

@ -314,7 +314,7 @@ requests. These include:
* Support for combining :class:`F expressions <django.db.models.F>`
with ``timedelta`` values when retrieving or updating database values.
.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
.. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. _backwards-incompatible-changes-1.3:

View File

@ -294,5 +294,5 @@ security protection of the Web server, operating system and other components.
pages also include security principles that apply to any system.
.. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
.. _Top 10 list: https://www.owasp.org/index.php/Top_10-2017_Top_10
.. _Top 10 list: https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/
.. _web security: https://infosec.mozilla.org/guidelines/web_security.html