mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-11-01 20:31:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fixed #28741 -- Removed unnecessary leading dot from cross-domain cookie examples.

Browse source
This commit is contained in:
Tim Graham 2017-11-01 10:57:59 -04:00 committed by GitHub
parent cbe334918a
commit afd375fc34
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 10 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

7
docs/ref/request-response.txt
View file

@ -752,10 +752,9 @@ Methods
in UTC. If ``expires`` is a ``datetime`` object, the ``max_age``
will be calculated.
* Use ``domain`` if you want to set a cross-domain cookie. For example,
``domain=".lawrence.com"`` will set a cookie that is readable by
the domains www.lawrence.com, blogs.lawrence.com and
calendars.lawrence.com. Otherwise, a cookie will only be readable by
the domain that set it.
``domain="example.com"`` will set a cookie that is readable by the
domains www.example.com, blog.example.com, etc. Otherwise, a cookie will
only be readable by the domain that set it.
* Use ``httponly=True`` if you want to prevent client-side
JavaScript from having access to the cookie.

10
docs/ref/settings.txt
View file

@ -309,7 +309,7 @@ Default: ``None``
The domain to be used when setting the CSRF cookie. This can be useful for
easily allowing cross-subdomain requests to be excluded from the normal cross
site request forgery protection. It should be set to a string such as
``".example.com"`` to allow a POST request from a form on one subdomain to be
``"example.com"`` to allow a POST request from a form on one subdomain to be
accepted by a view served from another subdomain.
Please note that the presence of this setting does not imply that Django's CSRF
@ -1733,8 +1733,8 @@ The age of the language cookie, in seconds.
Default: ``None``
The domain to use for the language cookie. Set this to a string such as
``".example.com"`` (note the leading dot!) for cross-domain cookies, or use
``None`` for a standard domain cookie.
``"example.com"`` for cross-domain cookies, or use ``None`` for a standard
domain cookie.
Be cautious when updating this setting on a production site. If you update
this setting to enable cross-domain cookies on a site that previously used
@ -2958,8 +2958,8 @@ The age of session cookies, in seconds.
Default: ``None``
The domain to use for session cookies. Set this to a string such as
``".example.com"`` (note the leading dot!) for cross-domain cookies, or use
``None`` for a standard domain cookie.
``"example.com"`` for cross-domain cookies, or use ``None`` for a standard
domain cookie.
Be cautious when updating this setting on a production site. If you update
this setting to enable cross-domain cookies on a site that previously used