diff options
| author | Adam Johnson <me@adamj.eu> | 2020-02-05 10:02:35 +0000 |
|---|---|---|
| committer | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2020-02-05 14:39:01 +0100 |
| commit | 72b97a5b1e22f5d464045be2e33f0436fa8061d3 (patch) | |
| tree | f07339168dd9fd228f9d3eab12046cc545e93b88 /docs/ref | |
| parent | 7fa1a93c6c8109010a6ff3f604fda83b604e0e97 (diff) | |
Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin'.
Diffstat (limited to 'docs/ref')
| -rw-r--r-- | docs/ref/settings.txt | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt index b4a5bdc48f..8c3f6f2b47 100644 --- a/docs/ref/settings.txt +++ b/docs/ref/settings.txt @@ -2395,12 +2395,16 @@ from URL paths, so patterns shouldn't include them, e.g. .. versionadded:: 3.0 -Default: ``None`` +Default: ``'same-origin'`` If configured, the :class:`~django.middleware.security.SecurityMiddleware` sets the :ref:`referrer-policy` header on all responses that do not already have it to the value provided. +.. versionchanged:: 3.1 + + In older versions, the default value is ``None``. + .. setting:: SECURE_SSL_HOST ``SECURE_SSL_HOST`` |
