From a16080810bee8b3baf9ae7ac7b8433cb7b293e00 Mon Sep 17 00:00:00 2001
From: Hasan Ramezani <hasan.r67@gmail.com>
Date: Mon, 15 Jun 2020 09:44:08 +0200
Subject: [PATCH] Fixed #31696 -- Updated OWASP links in docs.

---
 docs/ref/class-based-views/mixins-single-object.txt | 2 +-
 docs/ref/request-response.txt                       | 2 +-
 docs/ref/settings.txt                               | 2 +-
 docs/releases/1.3.txt                               | 2 +-
 docs/topics/security.txt                            | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/docs/ref/class-based-views/mixins-single-object.txt b/docs/ref/class-based-views/mixins-single-object.txt
index 4fb33f6ce8..1378e10823 100644
--- a/docs/ref/class-based-views/mixins-single-object.txt
+++ b/docs/ref/class-based-views/mixins-single-object.txt
@@ -66,7 +66,7 @@ Single object mixins
         non-sequential arguments. Using a unique slug may serve the same
         purpose, but this scheme allows you to have non-unique slugs.
 
-        .. _insecure direct object reference: https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
+        .. _insecure direct object reference: https://wiki.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
 
     .. method:: get_object(queryset=None)
 
diff --git a/docs/ref/request-response.txt b/docs/ref/request-response.txt
index d53b718020..cc92574f7a 100644
--- a/docs/ref/request-response.txt
+++ b/docs/ref/request-response.txt
@@ -860,7 +860,7 @@ Methods
       Use ``samesite='None'`` (string) to explicitly state that this cookie is
       sent with all same-site and cross-site requests.
 
-    .. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+    .. _HttpOnly: https://owasp.org/www-community/HttpOnly
     .. _SameSite: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
 
     .. versionchanged:: 3.1
diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt
index ab243fa808..46653dca66 100644
--- a/docs/ref/settings.txt
+++ b/docs/ref/settings.txt
@@ -3159,7 +3159,7 @@ vulnerability into full hijacking of a user's session. There aren't many good
 reasons for turning this off. Your code shouldn't read session cookies from
 JavaScript.
 
-.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+.. _HttpOnly: https://owasp.org/www-community/HttpOnly
 
 .. setting:: SESSION_COOKIE_NAME
 
diff --git a/docs/releases/1.3.txt b/docs/releases/1.3.txt
index 38e84f936f..7e7fb97c4f 100644
--- a/docs/releases/1.3.txt
+++ b/docs/releases/1.3.txt
@@ -314,7 +314,7 @@ requests. These include:
 * Support for combining :class:`F expressions <django.db.models.F>`
   with ``timedelta`` values when retrieving or updating database values.
 
-.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+.. _HttpOnly: https://owasp.org/www-community/HttpOnly
 
 .. _backwards-incompatible-changes-1.3:
 
diff --git a/docs/topics/security.txt b/docs/topics/security.txt
index ba73f20899..426c33d035 100644
--- a/docs/topics/security.txt
+++ b/docs/topics/security.txt
@@ -294,5 +294,5 @@ security protection of the Web server, operating system and other components.
   pages also include security principles that apply to any system.
 
 .. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
-.. _Top 10 list: https://www.owasp.org/index.php/Top_10-2017_Top_10
+.. _Top 10 list: https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/
 .. _web security: https://infosec.mozilla.org/guidelines/web_security.html