diff options
| author | Jacob Walls <jacobtylerwalls@gmail.com> | 2026-03-31 15:43:18 -0400 |
|---|---|---|
| committer | Jacob Walls <jacobtylerwalls@gmail.com> | 2026-04-02 09:22:17 -0400 |
| commit | 64dfc41d563afe3c66402f7906c902800d0a3ac6 (patch) | |
| tree | b1d5ec5576a1a925a175d26b86b9b29f92bbd340 /docs/ref | |
| parent | a5c28dc1d7606f11adb932d0bd4dba899a028007 (diff) | |
[6.0.x] Fixed #36862 -- Doc'd the need for a proxy when deploying RemoteUserMiddleware under ASGI.
We have a flood of nuisance security reports describing ASGI deployments
using RemoteUserMiddleware without a fronting proxy, which is not
realistic.
Backport of 2ee757ee502d5663f932dc5c35175c39af4640ce from main.
Diffstat (limited to 'docs/ref')
| -rw-r--r-- | docs/ref/middleware.txt | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/ref/middleware.txt b/docs/ref/middleware.txt index 29e8f7b941..9fdc54264c 100644 --- a/docs/ref/middleware.txt +++ b/docs/ref/middleware.txt @@ -580,7 +580,7 @@ Middleware for utilizing web server provided authentication. See Middleware for utilizing web server provided authentication when enabled only on the login page. See :ref:`persistent-remote-user-middleware-howto` for usage -details. +details, including security considerations. CSRF protection middleware -------------------------- |
