diff options
| author | Aymeric Augustin <aymeric.augustin@m4x.org> | 2014-12-14 22:59:51 +0100 |
|---|---|---|
| committer | Aymeric Augustin <aymeric.augustin@m4x.org> | 2014-12-28 17:02:30 +0100 |
| commit | 3dc01aaaaf7cf070933a8f5ee9a5f9136503d676 (patch) | |
| tree | 423377577663d509ec7633d9140d7fe9c04a52c1 /docs/ref | |
| parent | 84d7c93feb5ebad83fa88b02779db7e85928f0a8 (diff) | |
Deprecated ALLOWED_INCLUDE_ROOTS.
Diffstat (limited to 'docs/ref')
| -rw-r--r-- | docs/ref/settings.txt | 5 | ||||
| -rw-r--r-- | docs/ref/templates/builtins.txt | 4 |
2 files changed, 7 insertions, 2 deletions
diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt index 11db92fe05..de50302e97 100644 --- a/docs/ref/settings.txt +++ b/docs/ref/settings.txt @@ -123,6 +123,11 @@ ALLOWED_INCLUDE_ROOTS Default: ``()`` (Empty tuple) +.. deprecated:: 1.8 + + Set the ``'allowed_include_roots'`` option in the :setting:`OPTIONS + <TEMPLATES-OPTIONS>` of a ``DjangoTemplates`` backend instead. + A tuple of strings representing allowed prefixes for the ``{% ssi %}`` template tag. This is a security measure, so that template authors can't access files that they shouldn't be accessing. diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt index 8e4dc05d38..dced4cdee6 100644 --- a/docs/ref/templates/builtins.txt +++ b/docs/ref/templates/builtins.txt @@ -996,8 +996,8 @@ file are evaluated as template code, within the current context:: {% ssi '/home/html/ljworld.com/includes/right_generic.html' parsed %} Note that if you use ``{% ssi %}``, you'll need to define -:setting:`ALLOWED_INCLUDE_ROOTS` in your Django settings, as a security -measure. +``'allowed_include_roots'`` in the :setting:`OPTIONS <TEMPLATES-OPTIONS>` of +your template engine, as a security measure. .. note:: With the :ttag:`ssi` tag and the ``parsed`` parameter |
