Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Formatting fix for host headers section

  • Loading branch information...
commit 58786897a1e3ef5d31134cb0870a321425d56fea 1 parent c651002
David Fischer authored September 06, 2012

Showing 1 changed file with 5 additions and 5 deletions. Show diff stats Hide diff stats

  1. 10  docs/topics/security.txt
10  docs/topics/security.txt
@@ -176,11 +176,11 @@ Site Scripting attacks, they can be used for Cross-Site Request
176 176
 Forgery and cache poisoning attacks in some circumstances. We
177 177
 recommend you ensure your Web server is configured such that:
178 178
 
179  
-    * It always validates incoming HTTP ``Host`` headers against the expected
180  
-      host name.
181  
-    * Disallows requests with no ``Host`` header.
182  
-    * Is *not* configured with a catch-all virtual host that forwards requests
183  
-      to a Django application.
  179
+* It always validates incoming HTTP ``Host`` headers against the expected
  180
+  host name.
  181
+* Disallows requests with no ``Host`` header.
  182
+* Is *not* configured with a catch-all virtual host that forwards requests
  183
+  to a Django application.
184 184
 
185 185
 Additionally, as of 1.3.1, Django requires you to explicitly enable support for
186 186
 the ``X-Forwarded-Host`` header if your configuration requires it.

0 notes on commit 5878689

Please sign in to comment.
Something went wrong with that request. Please try again.