diff options
| author | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2020-07-16 08:16:58 +0200 |
|---|---|---|
| committer | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2020-07-16 08:17:45 +0200 |
| commit | 3ca8cc0df14066133321c186758191f33a26a217 (patch) | |
| tree | 533109e06ab0ef6c469cedaa176c06de285b354f /docs/ref | |
| parent | ac699ba647e5d8d764dae1d9cca0562d421ddee2 (diff) | |
[3.1.x] Fixed #31790 -- Fixed setting SameSite and Secure cookies flags in HttpResponse.delete_cookie().
Cookies with the "SameSite" flag set to None and without the "secure"
flag will be soon rejected by latest browser versions.
This affects sessions and messages cookies.
Backport of 240cbb63bf9965c63d7a3cc9032f91410f414d46 from master
Diffstat (limited to 'docs/ref')
| -rw-r--r-- | docs/ref/request-response.txt | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/docs/ref/request-response.txt b/docs/ref/request-response.txt index 3c63af5978..86a55bc45d 100644 --- a/docs/ref/request-response.txt +++ b/docs/ref/request-response.txt @@ -902,7 +902,7 @@ Methods Using ``samesite='None'`` (string) was allowed. -.. method:: HttpResponse.delete_cookie(key, path='/', domain=None) +.. method:: HttpResponse.delete_cookie(key, path='/', domain=None, samesite=None) Deletes the cookie with the given key. Fails silently if the key doesn't exist. @@ -911,6 +911,10 @@ Methods values you used in ``set_cookie()`` -- otherwise the cookie may not be deleted. + .. versionchanged:: 2.2.15 + + The ``samesite`` argument was added. + .. method:: HttpResponse.close() This method is called at the end of the request directly by the WSGI |
