diff options
| author | Tim Graham <timograham@gmail.com> | 2016-09-29 19:51:59 -0400 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2016-09-29 19:51:59 -0400 |
| commit | eb4d4376fc0f3958ef8e801434ef2bb61a07b56a (patch) | |
| tree | 9624bd3ad4daa04f6ac255c79927a39349dc57ec /docs/releases | |
| parent | a09c058918f85949fd4c003e7ae62869f4559bd3 (diff) | |
Normalized spelling of "Web server/page" in docs.
Diffstat (limited to 'docs/releases')
| -rw-r--r-- | docs/releases/1.3.6.txt | 6 | ||||
| -rw-r--r-- | docs/releases/1.4.4.txt | 6 |
2 files changed, 6 insertions, 6 deletions
diff --git a/docs/releases/1.3.6.txt b/docs/releases/1.3.6.txt index 9ed92bd6c2..ab2e86c661 100644 --- a/docs/releases/1.3.6.txt +++ b/docs/releases/1.3.6.txt @@ -16,10 +16,10 @@ Host header poisoning Some parts of Django -- independent of end-user-written applications -- make use of full URLs, including domain name, which are generated from the HTTP Host header. Django's documentation has for some time contained notes advising users -on how to configure webservers to ensure that only valid Host headers can reach +on how to configure Web servers to ensure that only valid Host headers can reach the Django application. However, it has been reported to us that even with the -recommended webserver configurations there are still techniques available for -tricking many common webservers into supplying the application with an +recommended Web server configurations there are still techniques available for +tricking many common Web servers into supplying the application with an incorrect and possibly malicious Host header. For this reason, Django 1.3.6 adds a new setting, ``ALLOWED_HOSTS``, which diff --git a/docs/releases/1.4.4.txt b/docs/releases/1.4.4.txt index c15c0e14c3..57efe5de8a 100644 --- a/docs/releases/1.4.4.txt +++ b/docs/releases/1.4.4.txt @@ -17,10 +17,10 @@ Host header poisoning Some parts of Django -- independent of end-user-written applications -- make use of full URLs, including domain name, which are generated from the HTTP Host header. Django's documentation has for some time contained notes advising users -on how to configure webservers to ensure that only valid Host headers can reach +on how to configure Web servers to ensure that only valid Host headers can reach the Django application. However, it has been reported to us that even with the -recommended webserver configurations there are still techniques available for -tricking many common webservers into supplying the application with an +recommended Web server configurations there are still techniques available for +tricking many common Web servers into supplying the application with an incorrect and possibly malicious Host header. For this reason, Django 1.4.4 adds a new setting, ``ALLOWED_HOSTS``, containing |
