summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorMariusz Felisiak <felisiak.mariusz@gmail.com>2020-07-16 09:30:15 +0200
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2020-07-16 09:35:35 +0200
commitf1a6e6c817f3205ea7da6f973f51524ff630dda5 (patch)
tree0c68c7a7ddcea7000cb2f83f636397f3ac7d7b0b /docs
parent6f09ee2be3c0ce07b096af7ac63b64ee7cfc23cf (diff)
[2.2.x] Fixed #31790 -- Fixed setting SameSite cookies flag in HttpResponse.delete_cookie().
Cookies with the "SameSite" flag set to None and without the "secure" flag will be soon rejected by latest browser versions. This affects sessions and messages cookies. Backport of 331324ecce1330dce3dbd1713203cb9a42854ad7 from stable/3.0.x
Diffstat (limited to 'docs')
-rw-r--r--docs/ref/request-response.txt6
-rw-r--r--docs/releases/2.2.15.txt13
-rw-r--r--docs/releases/index.txt1
3 files changed, 19 insertions, 1 deletions
diff --git a/docs/ref/request-response.txt b/docs/ref/request-response.txt
index 08eaf62ca4..c0fb0133f3 100644
--- a/docs/ref/request-response.txt
+++ b/docs/ref/request-response.txt
@@ -841,7 +841,7 @@ Methods
you will need to remember to pass it to the corresponding
:meth:`HttpRequest.get_signed_cookie` call.
-.. method:: HttpResponse.delete_cookie(key, path='/', domain=None)
+.. method:: HttpResponse.delete_cookie(key, path='/', domain=None, samesite=None)
Deletes the cookie with the given key. Fails silently if the key doesn't
exist.
@@ -850,6 +850,10 @@ Methods
values you used in ``set_cookie()`` -- otherwise the cookie may not be
deleted.
+ .. versionchanged:: 2.2.15
+
+ The ``samesite`` argument was added.
+
.. method:: HttpResponse.close()
This method is called at the end of the request directly by the WSGI
diff --git a/docs/releases/2.2.15.txt b/docs/releases/2.2.15.txt
new file mode 100644
index 0000000000..df26962029
--- /dev/null
+++ b/docs/releases/2.2.15.txt
@@ -0,0 +1,13 @@
+===========================
+Django 2.2.15 release notes
+===========================
+
+*Expected August 3, 2020*
+
+Django 2.2.15 fixes a bug in 2.2.14.
+
+Bugfixes
+========
+
+* Allowed setting the ``SameSite`` cookie flag in
+ :meth:`.HttpResponse.delete_cookie` (:ticket:`31790`).
diff --git a/docs/releases/index.txt b/docs/releases/index.txt
index 2a355d3d94..3cb0089457 100644
--- a/docs/releases/index.txt
+++ b/docs/releases/index.txt
@@ -25,6 +25,7 @@ versions of the documentation contain the release notes for any later releases.
.. toctree::
:maxdepth: 1
+ 2.2.15
2.2.14
2.2.13
2.2.12