Skip to content
Browse files

Fixed #18045 -- Corrected the documented default value of SESSION_COO…

…KIE_HTTPONLY setting. Missing bit of r17135.

git-svn-id: bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
1 parent b41ebcf commit cb2fafe57443ff499e992f6b166b6097bdb54907 @claudep claudep committed
Showing with 4 additions and 1 deletion.
  1. +4 −1 docs/ref/settings.txt
5 docs/ref/settings.txt
@@ -1711,7 +1711,7 @@ domain cookie. See the :doc:`/topics/http/sessions`.
-Default: ``False``
+Default: ``True``
Whether to use HTTPOnly flag on the session cookie. If this is set to
``True``, client-side JavaScript will not to be able to access the
@@ -1725,6 +1725,9 @@ protected cookie data.
.. _HTTPOnly:
+.. versionchanged:: 1.4
+ The default value of the setting was changed from ``False`` to ``True``.

0 comments on commit cb2fafe

Please sign in to comment.
Something went wrong with that request. Please try again.