Loading docs/ref/request-response.txt +5 −3 Original line number Diff line number Diff line Loading @@ -16,7 +16,8 @@ passing the :class:`HttpRequest` as the first argument to the view function. Each view is responsible for returning an :class:`HttpResponse` object. This document explains the APIs for :class:`HttpRequest` and :class:`HttpResponse` objects. :class:`HttpResponse` objects, which are defined in the :mod:`django.http` module. HttpRequest objects =================== Loading @@ -28,7 +29,8 @@ HttpRequest objects Attributes ---------- All attributes except ``session`` should be considered read-only. All attributes should be considered read-only, unless stated otherwise below. ``session`` is a notable exception. .. attribute:: HttpRequest.body Loading Loading @@ -648,7 +650,7 @@ Methods Returns ``True`` or ``False`` based on a case-insensitive check for a header with the given name. .. method:: HttpResponse.set_cookie(key, value='', max_age=None, expires=None, path='/', domain=None, secure=None, httponly=True) .. method:: HttpResponse.set_cookie(key, value='', max_age=None, expires=None, path='/', domain=None, secure=None, httponly=False) .. versionchanged:: 1.3 Loading docs/topics/http/sessions.txt +3 −0 Original line number Diff line number Diff line Loading @@ -516,6 +516,9 @@ consistently by all browsers. However, when it is honored, it can be a useful way to mitigate the risk of client side script accessing the protected cookie data. .. versionchanged:: 1.4 The default value of the setting was changed from ``False`` to ``True``. .. _HTTPOnly: https://www.owasp.org/index.php/HTTPOnly SESSION_COOKIE_NAME Loading Loading
docs/ref/request-response.txt +5 −3 Original line number Diff line number Diff line Loading @@ -16,7 +16,8 @@ passing the :class:`HttpRequest` as the first argument to the view function. Each view is responsible for returning an :class:`HttpResponse` object. This document explains the APIs for :class:`HttpRequest` and :class:`HttpResponse` objects. :class:`HttpResponse` objects, which are defined in the :mod:`django.http` module. HttpRequest objects =================== Loading @@ -28,7 +29,8 @@ HttpRequest objects Attributes ---------- All attributes except ``session`` should be considered read-only. All attributes should be considered read-only, unless stated otherwise below. ``session`` is a notable exception. .. attribute:: HttpRequest.body Loading Loading @@ -648,7 +650,7 @@ Methods Returns ``True`` or ``False`` based on a case-insensitive check for a header with the given name. .. method:: HttpResponse.set_cookie(key, value='', max_age=None, expires=None, path='/', domain=None, secure=None, httponly=True) .. method:: HttpResponse.set_cookie(key, value='', max_age=None, expires=None, path='/', domain=None, secure=None, httponly=False) .. versionchanged:: 1.3 Loading
docs/topics/http/sessions.txt +3 −0 Original line number Diff line number Diff line Loading @@ -516,6 +516,9 @@ consistently by all browsers. However, when it is honored, it can be a useful way to mitigate the risk of client side script accessing the protected cookie data. .. versionchanged:: 1.4 The default value of the setting was changed from ``False`` to ``True``. .. _HTTPOnly: https://www.owasp.org/index.php/HTTPOnly SESSION_COOKIE_NAME Loading
