summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/internals/deprecation.txt4
-rw-r--r--docs/releases/3.1.txt7
-rw-r--r--docs/topics/signing.txt4
3 files changed, 10 insertions, 5 deletions
diff --git a/docs/internals/deprecation.txt b/docs/internals/deprecation.txt
index 826c2ee814..e472d5a443 100644
--- a/docs/internals/deprecation.txt
+++ b/docs/internals/deprecation.txt
@@ -76,6 +76,10 @@ details on these changes.
* Support for the pre-Django 3.1 ``django.core.signing.Signer`` signatures
(encoded with the SHA-1 algorithm) will be removed.
+* Support for the pre-Django 3.1 ``django.core.signing.dumps()`` signatures
+ (encoded with the SHA-1 algorithm) in ``django.core.signing.loads()`` will be
+ removed.
+
* Support for the pre-Django 3.1 user sessions (that use the SHA-1 algorithm)
will be removed.
diff --git a/docs/releases/3.1.txt b/docs/releases/3.1.txt
index 22e47c93ae..59980ef310 100644
--- a/docs/releases/3.1.txt
+++ b/docs/releases/3.1.txt
@@ -418,9 +418,10 @@ Security
origins. If you need the previous behavior, explicitly set
:setting:`SECURE_REFERRER_POLICY` to ``None``.
-* The default :class:`django.core.signing.Signer` algorithm is changed to the
- SHA-256. Support for signatures made with the old SHA-1 algorithm remains
- until Django 4.0.
+* The default algorithm of :class:`django.core.signing.Signer`,
+ :meth:`django.core.signing.loads`, and :meth:`django.core.signing.dumps` is
+ changed to the SHA-256. Support for signatures made with the old SHA-1
+ algorithm remains until Django 4.0.
Also, the new ``algorithm`` parameter of the
:class:`~django.core.signing.Signer` allows customizing the hashing
diff --git a/docs/topics/signing.txt b/docs/topics/signing.txt
index 43d1b00c4a..b015f4bd87 100644
--- a/docs/topics/signing.txt
+++ b/docs/topics/signing.txt
@@ -187,8 +187,8 @@ and tuples) if you pass in a tuple, you will get a list from
.. function:: dumps(obj, key=None, salt='django.core.signing', serializer=JSONSerializer, compress=False)
- Returns URL-safe, sha1 signed base64 compressed JSON string. Serialized
- object is signed using :class:`~TimestampSigner`.
+ Returns URL-safe, signed base64 compressed JSON string. Serialized object
+ is signed using :class:`~TimestampSigner`.
.. function:: loads(string, key=None, salt='django.core.signing', serializer=JSONSerializer, max_age=None)