Fixed #20972 -- Make messages cookie follow session cookie secure/httponly

2025-11-07 07:15:35 +00:00 · 2013-08-26 21:34:29 +02:00
parent b785a80d19
commit fa57266699
5 changed files with 35 additions and 7 deletions
--- a/docs/releases/1.7.txt
+++ b/docs/releases/1.7.txt
@@ -214,6 +214,10 @@ Minor features
 * The :ttag:`widthratio` template tag now accepts an "as" parameter to capture
  the result in a variable.

+* The backends for :mod:`django.contrib.messages` that use cookies, will now
+  follow the :setting:`SESSION_COOKIE_SECURE` and
+  :setting:`SESSION_COOKIE_HTTPONLY` settings.
+
 Backwards incompatible changes in 1.7
 =====================================