summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHasan Ramezani <hasan.r67@gmail.com>2020-06-15 09:44:08 +0200
committerGitHub <noreply@github.com>2020-06-15 09:44:08 +0200
commita16080810bee8b3baf9ae7ac7b8433cb7b293e00 (patch)
tree2bc6e544658bbda8fbb5c267d6bf3c9c5daf60ac
parent3d664a158de18acf72fc8e0671f0f390cbca4b2e (diff)
Fixed #31696 -- Updated OWASP links in docs.
-rw-r--r--docs/ref/class-based-views/mixins-single-object.txt2
-rw-r--r--docs/ref/request-response.txt2
-rw-r--r--docs/ref/settings.txt2
-rw-r--r--docs/releases/1.3.txt2
-rw-r--r--docs/topics/security.txt2
5 files changed, 5 insertions, 5 deletions
diff --git a/docs/ref/class-based-views/mixins-single-object.txt b/docs/ref/class-based-views/mixins-single-object.txt
index 4fb33f6ce8..1378e10823 100644
--- a/docs/ref/class-based-views/mixins-single-object.txt
+++ b/docs/ref/class-based-views/mixins-single-object.txt
@@ -66,7 +66,7 @@ Single object mixins
non-sequential arguments. Using a unique slug may serve the same
purpose, but this scheme allows you to have non-unique slugs.
- .. _insecure direct object reference: https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
+ .. _insecure direct object reference: https://wiki.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
.. method:: get_object(queryset=None)
diff --git a/docs/ref/request-response.txt b/docs/ref/request-response.txt
index d53b718020..cc92574f7a 100644
--- a/docs/ref/request-response.txt
+++ b/docs/ref/request-response.txt
@@ -860,7 +860,7 @@ Methods
Use ``samesite='None'`` (string) to explicitly state that this cookie is
sent with all same-site and cross-site requests.
- .. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+ .. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. _SameSite: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
.. versionchanged:: 3.1
diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt
index ab243fa808..46653dca66 100644
--- a/docs/ref/settings.txt
+++ b/docs/ref/settings.txt
@@ -3159,7 +3159,7 @@ vulnerability into full hijacking of a user's session. There aren't many good
reasons for turning this off. Your code shouldn't read session cookies from
JavaScript.
-.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+.. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. setting:: SESSION_COOKIE_NAME
diff --git a/docs/releases/1.3.txt b/docs/releases/1.3.txt
index 38e84f936f..7e7fb97c4f 100644
--- a/docs/releases/1.3.txt
+++ b/docs/releases/1.3.txt
@@ -314,7 +314,7 @@ requests. These include:
* Support for combining :class:`F expressions <django.db.models.F>`
with ``timedelta`` values when retrieving or updating database values.
-.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+.. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. _backwards-incompatible-changes-1.3:
diff --git a/docs/topics/security.txt b/docs/topics/security.txt
index ba73f20899..426c33d035 100644
--- a/docs/topics/security.txt
+++ b/docs/topics/security.txt
@@ -294,5 +294,5 @@ security protection of the Web server, operating system and other components.
pages also include security principles that apply to any system.
.. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
-.. _Top 10 list: https://www.owasp.org/index.php/Top_10-2017_Top_10
+.. _Top 10 list: https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/
.. _web security: https://infosec.mozilla.org/guidelines/web_security.html