summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHasan Ramezani <hasan.r67@gmail.com>2020-06-15 09:44:08 +0200
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2020-06-15 09:45:45 +0200
commitb61af177eea2530235f1f1e702001f9faedb7f55 (patch)
treea5321039f7e45dc99358d66507c7042020a7e755
parent33767d5ab6d6642b324b180a308e62312bd6c685 (diff)
[3.0.x] Fixed #31696 -- Updated OWASP links in docs.
Backport of a16080810bee8b3baf9ae7ac7b8433cb7b293e00 from master
-rw-r--r--docs/ref/class-based-views/mixins-single-object.txt2
-rw-r--r--docs/ref/request-response.txt2
-rw-r--r--docs/ref/settings.txt2
-rw-r--r--docs/releases/1.3.txt2
-rw-r--r--docs/topics/security.txt2
5 files changed, 5 insertions, 5 deletions
diff --git a/docs/ref/class-based-views/mixins-single-object.txt b/docs/ref/class-based-views/mixins-single-object.txt
index 4fb33f6ce8..1378e10823 100644
--- a/docs/ref/class-based-views/mixins-single-object.txt
+++ b/docs/ref/class-based-views/mixins-single-object.txt
@@ -66,7 +66,7 @@ Single object mixins
non-sequential arguments. Using a unique slug may serve the same
purpose, but this scheme allows you to have non-unique slugs.
- .. _insecure direct object reference: https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
+ .. _insecure direct object reference: https://wiki.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
.. method:: get_object(queryset=None)
diff --git a/docs/ref/request-response.txt b/docs/ref/request-response.txt
index 7b20f324a0..e03bc56f89 100644
--- a/docs/ref/request-response.txt
+++ b/docs/ref/request-response.txt
@@ -836,7 +836,7 @@ Methods
isn't supported by all browsers, so it's not a replacement for Django's
CSRF protection, but rather a defense in depth measure.
- .. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+ .. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. _SameSite: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
.. warning::
diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt
index 42c0600b1c..6396a9b3ee 100644
--- a/docs/ref/settings.txt
+++ b/docs/ref/settings.txt
@@ -3081,7 +3081,7 @@ vulnerability into full hijacking of a user's session. There aren't many good
reasons for turning this off. Your code shouldn't read session cookies from
JavaScript.
-.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+.. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. setting:: SESSION_COOKIE_NAME
diff --git a/docs/releases/1.3.txt b/docs/releases/1.3.txt
index 7e02bcd0a5..37b3cc7311 100644
--- a/docs/releases/1.3.txt
+++ b/docs/releases/1.3.txt
@@ -315,7 +315,7 @@ requests. These include:
* Support for combining :class:`F expressions <django.db.models.F>`
with ``timedelta`` values when retrieving or updating database values.
-.. _HttpOnly: https://www.owasp.org/index.php/HttpOnly
+.. _HttpOnly: https://owasp.org/www-community/HttpOnly
.. _backwards-incompatible-changes-1.3:
diff --git a/docs/topics/security.txt b/docs/topics/security.txt
index ba73f20899..426c33d035 100644
--- a/docs/topics/security.txt
+++ b/docs/topics/security.txt
@@ -294,5 +294,5 @@ security protection of the Web server, operating system and other components.
pages also include security principles that apply to any system.
.. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
-.. _Top 10 list: https://www.owasp.org/index.php/Top_10-2017_Top_10
+.. _Top 10 list: https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/
.. _web security: https://infosec.mozilla.org/guidelines/web_security.html