summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
authorOsaetin Daniel <osaetindaniel@gmail.com>2019-12-11 10:57:13 +0100
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2019-12-13 11:06:47 +0100
commit33d2cda672f21c204aca17615feada68a663a701 (patch)
treefdabe847fe1ff9caec40b8fa2f04ff12ac9af10e /docs/ref
parent3ab7de018277a5202101713cc4a962f1b409b956 (diff)
[3.0.x] Doc'd HttpResponse.set_cookie()'s secure argument.
Backport of 14e690ae5a6d4ddeb1ac021f78e2e6e333214ef8 from master
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/request-response.txt2
1 files changed, 2 insertions, 0 deletions
diff --git a/docs/ref/request-response.txt b/docs/ref/request-response.txt
index 18431d8be0..45d4bab418 100644
--- a/docs/ref/request-response.txt
+++ b/docs/ref/request-response.txt
@@ -821,6 +821,8 @@ Methods
``domain="example.com"`` will set a cookie that is readable by the
domains www.example.com, blog.example.com, etc. Otherwise, a cookie will
only be readable by the domain that set it.
+ * Use ``secure=True`` if you want the cookie to be only sent to the server
+ when a request is made with the ``https`` scheme.
* Use ``httponly=True`` if you want to prevent client-side
JavaScript from having access to the cookie.