summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--django/core/signing.py6
1 files changed, 3 insertions, 3 deletions
diff --git a/django/core/signing.py b/django/core/signing.py
index 916885abb3..b402d87b87 100644
--- a/django/core/signing.py
+++ b/django/core/signing.py
@@ -8,16 +8,16 @@ The format used looks like this:
There are two components here, separated by a ':'. The first component is a
URLsafe base64 encoded JSON of the object passed to dumps(). The second
-component is a base64 encoded hmac/SHA1 hash of "$first_component:$secret"
+component is a base64 encoded hmac/SHA-256 hash of "$first_component:$secret"
signing.loads(s) checks the signature and returns the deserialized object.
If the signature fails, a BadSignature exception is raised.
>>> signing.loads("ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk")
'hello'
->>> signing.loads("ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk-modified")
+>>> signing.loads("ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv42-modified")
...
-BadSignature: Signature failed: ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk-modified
+BadSignature: Signature "ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv42-modified" does not match
You can optionally compress the JSON prior to base64 encoding it to save
space, using the compress=True argument. This checks if compression actually