summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorMariusz Felisiak <felisiak.mariusz@gmail.com>2020-07-31 07:33:13 +0200
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2020-07-31 22:05:02 +0200
commit1d6fdca557e674b9a789b51caadca8985e588492 (patch)
tree86132a2a630f06698daaed5ab869ce94c5e064f2 /docs
parentf4ac167119e8897c398527c392ed117326496652 (diff)
Refs #27468 -- Added tests and release notes for signing.dumps()/loads() changes.
Follow up to 71c4fb7beb8e3293243140e4bd74e53989196440.
Diffstat (limited to 'docs')
-rw-r--r--docs/internals/deprecation.txt4
-rw-r--r--docs/releases/3.1.txt7
-rw-r--r--docs/topics/signing.txt4
3 files changed, 10 insertions, 5 deletions
diff --git a/docs/internals/deprecation.txt b/docs/internals/deprecation.txt
index 826c2ee814..e472d5a443 100644
--- a/docs/internals/deprecation.txt
+++ b/docs/internals/deprecation.txt
@@ -76,6 +76,10 @@ details on these changes.
* Support for the pre-Django 3.1 ``django.core.signing.Signer`` signatures
(encoded with the SHA-1 algorithm) will be removed.
+* Support for the pre-Django 3.1 ``django.core.signing.dumps()`` signatures
+ (encoded with the SHA-1 algorithm) in ``django.core.signing.loads()`` will be
+ removed.
+
* Support for the pre-Django 3.1 user sessions (that use the SHA-1 algorithm)
will be removed.
diff --git a/docs/releases/3.1.txt b/docs/releases/3.1.txt
index 22e47c93ae..59980ef310 100644
--- a/docs/releases/3.1.txt
+++ b/docs/releases/3.1.txt
@@ -418,9 +418,10 @@ Security
origins. If you need the previous behavior, explicitly set
:setting:`SECURE_REFERRER_POLICY` to ``None``.
-* The default :class:`django.core.signing.Signer` algorithm is changed to the
- SHA-256. Support for signatures made with the old SHA-1 algorithm remains
- until Django 4.0.
+* The default algorithm of :class:`django.core.signing.Signer`,
+ :meth:`django.core.signing.loads`, and :meth:`django.core.signing.dumps` is
+ changed to the SHA-256. Support for signatures made with the old SHA-1
+ algorithm remains until Django 4.0.
Also, the new ``algorithm`` parameter of the
:class:`~django.core.signing.Signer` allows customizing the hashing
diff --git a/docs/topics/signing.txt b/docs/topics/signing.txt
index 43d1b00c4a..b015f4bd87 100644
--- a/docs/topics/signing.txt
+++ b/docs/topics/signing.txt
@@ -187,8 +187,8 @@ and tuples) if you pass in a tuple, you will get a list from
.. function:: dumps(obj, key=None, salt='django.core.signing', serializer=JSONSerializer, compress=False)
- Returns URL-safe, sha1 signed base64 compressed JSON string. Serialized
- object is signed using :class:`~TimestampSigner`.
+ Returns URL-safe, signed base64 compressed JSON string. Serialized object
+ is signed using :class:`~TimestampSigner`.
.. function:: loads(string, key=None, salt='django.core.signing', serializer=JSONSerializer, max_age=None)