diff options
| author | David Smith <39445562+smithdc1@users.noreply.github.com> | 2020-06-17 12:15:56 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-06-17 13:15:56 +0200 |
| commit | 10df5b71775d8ee98201acb1367266521b17cc00 (patch) | |
| tree | f747b38103abc6f515f7e4078e332475e8148ad2 /docs | |
| parent | 47651eadb8ca7aacddad41da4df64fd2af11faae (diff) | |
Refs #31670 -- Removed whitelist/blacklist terminology in docs and comments.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/releases/1.1.3.txt | 2 | ||||
| -rw-r--r-- | docs/releases/1.2.4.txt | 2 | ||||
| -rw-r--r-- | docs/spelling_wordlist | 1 | ||||
| -rw-r--r-- | docs/topics/forms/modelforms.txt | 2 | ||||
| -rw-r--r-- | docs/topics/security.txt | 2 |
5 files changed, 4 insertions, 5 deletions
diff --git a/docs/releases/1.1.3.txt b/docs/releases/1.1.3.txt index ed4663e18f..c88d676f7e 100644 --- a/docs/releases/1.1.3.txt +++ b/docs/releases/1.1.3.txt @@ -45,6 +45,6 @@ password hashes. To remedy this, ``django.contrib.admin`` will now validate that querystring lookup arguments either specify only fields on the model being viewed, or cross relations which have been explicitly -whitelisted by the application developer using the pre-existing +allowed by the application developer using the pre-existing mechanism mentioned above. This is backwards-incompatible for any users relying on the prior ability to insert arbitrary lookups. diff --git a/docs/releases/1.2.4.txt b/docs/releases/1.2.4.txt index ea0b9a5abc..26a67d9d1e 100644 --- a/docs/releases/1.2.4.txt +++ b/docs/releases/1.2.4.txt @@ -45,7 +45,7 @@ password hashes. To remedy this, ``django.contrib.admin`` will now validate that querystring lookup arguments either specify only fields on the model being viewed, or cross relations which have been explicitly -whitelisted by the application developer using the pre-existing +allowed by the application developer using the pre-existing mechanism mentioned above. This is backwards-incompatible for any users relying on the prior ability to insert arbitrary lookups. diff --git a/docs/spelling_wordlist b/docs/spelling_wordlist index 1a6d35ec5a..06c2f7399d 100644 --- a/docs/spelling_wordlist +++ b/docs/spelling_wordlist @@ -781,7 +781,6 @@ viewable virtualized Weblog whitelist -whitelisted whitespace whitespaces whizbang diff --git a/docs/topics/forms/modelforms.txt b/docs/topics/forms/modelforms.txt index c3e6e5c99e..d1ace729e4 100644 --- a/docs/topics/forms/modelforms.txt +++ b/docs/topics/forms/modelforms.txt @@ -420,7 +420,7 @@ fields, especially when new fields are added to a model. Depending on how the form is rendered, the problem may not even be visible on the web page. The alternative approach would be to include all fields automatically, or -blacklist only some. This fundamental approach is known to be much less secure +remove only some. This fundamental approach is known to be much less secure and has led to serious exploits on major websites (e.g. `GitHub <https://github.com/blog/1068-public-key-security-vulnerability-and-mitigation>`_). diff --git a/docs/topics/security.txt b/docs/topics/security.txt index 426c33d035..fe692cad2a 100644 --- a/docs/topics/security.txt +++ b/docs/topics/security.txt @@ -261,7 +261,7 @@ User-uploaded content from something like ``usercontent-example.com``. It's *not* sufficient to serve content from a subdomain like ``usercontent.example.com``. - #. Beyond this, applications may choose to define a whitelist of allowable + #. Beyond this, applications may choose to define a list of allowable file extensions for user uploaded files and configure the web server to only serve such files. |
