summaryrefslogtreecommitdiff
path: root/docs/topics/http
diff options
context:
space:
mode:
Diffstat (limited to 'docs/topics/http')
-rw-r--r--docs/topics/http/sessions.txt6
1 files changed, 3 insertions, 3 deletions
diff --git a/docs/topics/http/sessions.txt b/docs/topics/http/sessions.txt
index 2f13c9662a..dcd4ea2c74 100644
--- a/docs/topics/http/sessions.txt
+++ b/docs/topics/http/sessions.txt
@@ -110,8 +110,8 @@ and the :setting:`SECRET_KEY` setting.
.. note::
- It's recommended to set the :setting:`SESSION_COOKIE_HTTPONLY` setting
- to ``True`` to prevent tampering of the stored data from JavaScript.
+ It's recommended to leave the :setting:`SESSION_COOKIE_HTTPONLY` setting
+ ``True`` to prevent tampering of the stored data from JavaScript.
.. warning::
@@ -504,7 +504,7 @@ The domain to use for session cookies. Set this to a string such as
SESSION_COOKIE_HTTPONLY
-----------------------
-Default: ``False``
+Default: ``True``
Whether to use HTTPOnly flag on the session cookie. If this is set to
``True``, client-side JavaScript will not to be able to access the