[3.1.x] Fixed #31696 -- Updated OWASP links in docs.

Backport of a16080810b from master
2020-06-15 09:44:08 +02:00 · 2020-06-15 09:44:08 +02:00 · ecd794bc68
parent 2d3b6bce28
commit ecd794bc68
5 changed files with 5 additions and 5 deletions
--- a/docs/ref/class-based-views/mixins-single-object.txt
+++ b/docs/ref/class-based-views/mixins-single-object.txt
@ -66,7 +66,7 @@ Single object mixins
        non-sequential arguments. Using a unique slug may serve the same
        purpose, but this scheme allows you to have non-unique slugs.

-        .. _insecure direct object reference: https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
+        .. _insecure direct object reference: https://wiki.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References

    .. method:: get_object(queryset=None)

--- a/docs/ref/request-response.txt
+++ b/docs/ref/request-response.txt
@ -872,7 +872,7 @@ Methods
      Use ``samesite='None'`` (string) to explicitly state that this cookie is
      sent with all same-site and cross-site requests.

-    .. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+    .. _HttpOnly: https://owasp.org/www-community/HttpOnly
    .. _SameSite: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite

    .. versionchanged:: 3.1
--- a/docs/ref/settings.txt
+++ b/docs/ref/settings.txt
@ -3179,7 +3179,7 @@ vulnerability into full hijacking of a user's session. There aren't many good
 reasons for turning this off. Your code shouldn't read session cookies from
 JavaScript.

-.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+.. _HttpOnly: https://owasp.org/www-community/HttpOnly

 .. setting:: SESSION_COOKIE_NAME

--- a/docs/releases/1.3.txt
+++ b/docs/releases/1.3.txt
@ -314,7 +314,7 @@ requests. These include:
 * Support for combining :class:`F expressions <django.db.models.F>`
  with ``timedelta`` values when retrieving or updating database values.

-.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+.. _HttpOnly: https://owasp.org/www-community/HttpOnly

 .. _backwards-incompatible-changes-1.3:

--- a/docs/topics/security.txt
+++ b/docs/topics/security.txt
@ -294,5 +294,5 @@ security protection of the Web server, operating system and other components.
  pages also include security principles that apply to any system.

 .. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
-.. _Top 10 list: https://www.owasp.org/index.php/Top_10-2017_Top_10
+.. _Top 10 list: https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/
 .. _web security: https://infosec.mozilla.org/guidelines/web_security.html