Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fixed an error in the set cookie documentation

  • Loading branch information...
commit 58806ce1530305390f593cc78b66d77443c6e1b2 1 parent 92d3430
@ptone ptone authored
Showing with 8 additions and 3 deletions.
  1. +5 −3 docs/ref/request-response.txt
  2. +3 −0  docs/topics/http/sessions.txt
View
8 docs/ref/request-response.txt
@@ -16,7 +16,8 @@ passing the :class:`HttpRequest` as the first argument to the view function.
Each view is responsible for returning an :class:`HttpResponse` object.
This document explains the APIs for :class:`HttpRequest` and
-:class:`HttpResponse` objects.
+:class:`HttpResponse` objects, which are defined in the :mod:`django.http`
+module.
HttpRequest objects
===================
@@ -28,7 +29,8 @@ HttpRequest objects
Attributes
----------
-All attributes except ``session`` should be considered read-only.
+All attributes should be considered read-only, unless stated otherwise below.
+``session`` is a notable exception.
.. attribute:: HttpRequest.body
@@ -648,7 +650,7 @@ Methods
Returns ``True`` or ``False`` based on a case-insensitive check for a
header with the given name.
-.. method:: HttpResponse.set_cookie(key, value='', max_age=None, expires=None, path='/', domain=None, secure=None, httponly=True)
+.. method:: HttpResponse.set_cookie(key, value='', max_age=None, expires=None, path='/', domain=None, secure=None, httponly=False)
.. versionchanged:: 1.3
View
3  docs/topics/http/sessions.txt
@@ -516,6 +516,9 @@ consistently by all browsers. However, when it is honored, it can be a
useful way to mitigate the risk of client side script accessing the
protected cookie data.
+.. versionchanged:: 1.4
+ The default value of the setting was changed from ``False`` to ``True``.
+
.. _HTTPOnly: https://www.owasp.org/index.php/HTTPOnly
SESSION_COOKIE_NAME

0 comments on commit 58806ce

Please sign in to comment.
Something went wrong with that request. Please try again.