summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorPrzemysław Suliga <mail@suligap.net>2016-08-19 14:32:21 +0200
committerTim Graham <timograham@gmail.com>2016-08-19 19:16:00 -0400
commit1f68bb5683608ebe1ce47f0c9d37dad9482d1df9 (patch)
tree7882a425ade1cb5cc852d7c890f4409f67629bd9 /docs
parent549b90fab33c80d1ba6575d4837ea52d79f70fb1 (diff)
Refs #26902 -- Protected against insecure redirects in set_language().
Diffstat (limited to 'docs')
-rw-r--r--docs/releases/1.11.txt10
1 files changed, 5 insertions, 5 deletions
diff --git a/docs/releases/1.11.txt b/docs/releases/1.11.txt
index 64afe7a841..802a09e6a9 100644
--- a/docs/releases/1.11.txt
+++ b/docs/releases/1.11.txt
@@ -356,12 +356,12 @@ to assign a free port. The ``DJANGO_LIVE_TEST_SERVER_ADDRESS`` environment
variable is no longer used, and as it's also no longer used, the
``manage.py test --liveserver`` option is removed.
-Protection against insecure redirects in :mod:`django.contrib.auth` views
--------------------------------------------------------------------------
+Protection against insecure redirects in :mod:`django.contrib.auth` and ``i18n`` views
+--------------------------------------------------------------------------------------
-``LoginView`` and ``LogoutView`` (and the deprecated function-based equivalents)
-protect users from being redirected to non-HTTPS ``next`` URLs when the app
-is running over HTTPS.
+``LoginView``, ``LogoutView`` (and the deprecated function-based equivalents),
+and :func:`~django.views.i18n.set_language` protect users from being redirected
+to non-HTTPS ``next`` URLs when the app is running over HTTPS.
Miscellaneous
-------------