Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

[1.6.x] Fixed #22242 -- Documented common cookie size limit.

Backport of 885e7ad from master
  • Loading branch information...
commit 9f7bd831846a921e233c1f95d725235db9550438 1 parent 1a2939b
@PirosB3 PirosB3 authored timgraham committed
Showing with 8 additions and 0 deletions.
  1. +8 −0 docs/ref/request-response.txt
View
8 docs/ref/request-response.txt
@@ -735,6 +735,14 @@ Methods
.. _HTTPOnly: https://www.owasp.org/index.php/HTTPOnly
+ .. warning::
+
+ Both :rfc:`2109` and :rfc:`6265` state that user agents should support
+ cookies of at least 4096 bytes. For many browsers this is also the
+ maximum size. Django will not raise an exception if there's an attempt
+ to store a cookie of more than 4096 bytes, but many browsers will not
+ set the cookie correctly.
+
.. method:: HttpResponse.set_signed_cookie(key, value, salt='', max_age=None, expires=None, path='/', domain=None, secure=None, httponly=True)
Like :meth:`~HttpResponse.set_cookie()`, but

0 comments on commit 9f7bd83

Please sign in to comment.
Something went wrong with that request. Please try again.