Fixed an error in cookie documentation

This commit is contained in:
Preston Holmes 2012-10-17 14:53:21 -07:00
parent 9305c0e12d
commit 31dcaf49a0
2 changed files with 4 additions and 5 deletions

View File

@ -651,11 +651,7 @@ Methods
Returns ``True`` or ``False`` based on a case-insensitive check for a Returns ``True`` or ``False`` based on a case-insensitive check for a
header with the given name. header with the given name.
.. method:: HttpResponse.set_cookie(key, value='', max_age=None, expires=None, path='/', domain=None, secure=None, httponly=True) .. method:: HttpResponse.set_cookie(key, value='', max_age=None, expires=None, path='/', domain=None, secure=None, httponly=False)
.. versionchanged:: 1.4
The default value for httponly was changed from ``False`` to ``True``.
Sets a cookie. The parameters are the same as in the :class:`Cookie.Morsel` Sets a cookie. The parameters are the same as in the :class:`Cookie.Morsel`
object in the Python standard library. object in the Python standard library.

View File

@ -524,6 +524,9 @@ consistently by all browsers. However, when it is honored, it can be a
useful way to mitigate the risk of client side script accessing the useful way to mitigate the risk of client side script accessing the
protected cookie data. protected cookie data.
.. versionchanged:: 1.4
The default value of the setting was changed from ``False`` to ``True``.
.. _HTTPOnly: https://www.owasp.org/index.php/HTTPOnly .. _HTTPOnly: https://www.owasp.org/index.php/HTTPOnly
SESSION_COOKIE_NAME SESSION_COOKIE_NAME