mirror of https://github.com/django/django.git synced 2025-07-18 00:29:13 +00:00

[3.0.x] Fixed #31696 -- Updated OWASP links in docs.

Backport of a16080810bee8b3baf9ae7ac7b8433cb7b293e00 from master
Hasan Ramezani 2020-06-15 09:44:08 +02:00 committed by Mariusz Felisiak
parent 33767d5ab6
commit b61af177ee
5 changed files with 5 additions and 5 deletions

View File

@ -66,7 +66,7 @@ Single object mixins
non-sequential arguments. Using a unique slug may serve the same non-sequential arguments. Using a unique slug may serve the same
purpose, but this scheme allows you to have non-unique slugs. purpose, but this scheme allows you to have non-unique slugs.
.. _insecure direct object reference: https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References .. _insecure direct object reference: https://wiki.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
.. method:: get_object(queryset=None) .. method:: get_object(queryset=None)
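
Review bot: The new `_insecure direct object reference` target uses the wiki.owasp.org host (`https://wiki.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References`), while the other replacements in this commit move to owasp.org paths (`owasp.org/www-community/...`, `owasp.org/www-project-top-ten/...`). If this entry has no page on owasp.org, say so in the commit message so the wiki host is not later "corrected" by mistake. Note also that this target is a 2013 Top 10 entry, whereas the last hunk in this commit links the 2017 list, so the docs reference two different editions.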

View File

@ -836,7 +836,7 @@ Methods
isn't supported by all browsers, so it's not a replacement for Django's isn't supported by all browsers, so it's not a replacement for Django's
CSRF protection, but rather a defense in depth measure. CSRF protection, but rather a defense in depth measure.
.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly .. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. _SameSite: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite .. _SameSite: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
.. warning:: .. warning::

View File

@ -3081,7 +3081,7 @@ vulnerability into full hijacking of a user's session. There aren't many good
reasons for turning this off. Your code shouldn't read session cookies from reasons for turning this off. Your code shouldn't read session cookies from
JavaScript. JavaScript.
.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly .. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. setting:: SESSION_COOKIE_NAME .. setting:: SESSION_COOKIE_NAME

View File

@ -315,7 +315,7 @@ requests. These include:
* Support for combining :class:`F expressions <django.db.models.F>` * Support for combining :class:`F expressions <django.db.models.F>`
with ``timedelta`` values when retrieving or updating database values. with ``timedelta`` values when retrieving or updating database values.
.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly .. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. _backwards-incompatible-changes-1.3: .. _backwards-incompatible-changes-1.3:

View File

@ -294,5 +294,5 @@ security protection of the Web server, operating system and other components.
pages also include security principles that apply to any system. pages also include security principles that apply to any system.
.. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody .. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
.. _Top 10 list: https://www.owasp.org/index.php/Top_10-2017_Top_10 .. _Top 10 list: https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/
.. _web security: https://infosec.mozilla.org/guidelines/web_security.html .. _web security: https://infosec.mozilla.org/guidelines/web_security.html
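
Review bot: The new `_Top 10 list` target keeps the edition pinned in its path (`OWASP_Top_Ten_2017/`), while the link label is the generic "Top 10 list", so readers will be sent to a superseded edition once OWASP publishes a newer one. Either link the project root at `https://owasp.org/www-project-top-ten/` or name the 2017 edition in the surrounding sentence so the pin is deliberate and visible.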