summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/settings.txt5
-rw-r--r--docs/ref/templates/builtins.txt4
2 files changed, 7 insertions, 2 deletions
diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt
index 11db92fe05..de50302e97 100644
--- a/docs/ref/settings.txt
+++ b/docs/ref/settings.txt
@@ -123,6 +123,11 @@ ALLOWED_INCLUDE_ROOTS
Default: ``()`` (Empty tuple)
+.. deprecated:: 1.8
+
+ Set the ``'allowed_include_roots'`` option in the :setting:`OPTIONS
+ <TEMPLATES-OPTIONS>` of a ``DjangoTemplates`` backend instead.
+
A tuple of strings representing allowed prefixes for the ``{% ssi %}`` template
tag. This is a security measure, so that template authors can't access files
that they shouldn't be accessing.
diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt
index 8e4dc05d38..dced4cdee6 100644
--- a/docs/ref/templates/builtins.txt
+++ b/docs/ref/templates/builtins.txt
@@ -996,8 +996,8 @@ file are evaluated as template code, within the current context::
{% ssi '/home/html/ljworld.com/includes/right_generic.html' parsed %}
Note that if you use ``{% ssi %}``, you'll need to define
-:setting:`ALLOWED_INCLUDE_ROOTS` in your Django settings, as a security
-measure.
+``'allowed_include_roots'`` in the :setting:`OPTIONS <TEMPLATES-OPTIONS>` of
+your template engine, as a security measure.
.. note::
With the :ttag:`ssi` tag and the ``parsed`` parameter