| Age | Commit message (Collapse) | Author |
|
email sending fails.
On successful submission of a password reset request, an email is sent
to the accounts known to the system. If sending this email fails (due to
email backend misconfiguration, service provider outage, network issues,
etc.), an attacker might exploit this by detecting which password reset
requests succeed and which ones generate a 500 error response.
Thanks to Thibaut Spriet for the report, and to Mariusz Felisiak, Adam
Johnson, and Sarah Boyce for the reviews.
|
|
extra context value.
Backport of 428023e2677aeb80d86b19f90b0c6b82c7cb666d from main
|
|
|
|
issues in docs.
Backport of ba755ca13123d2691a0926ddb64e5d0a2906a880 from main
|
|
Thanks to Petter Strandmark for the original idea and Mariusz Felisiak
for advice during the DjangoConUS 2022 Sprint!
|
|
|
|
appropriate.
|
|
Moved how-to material from topic document into a new document, and
added new material. Introduced minor improvements to logging
reference document.
|
|
This is useful when working with database routing as you want to know
where each query is being executed.
Co-authored-by: David Winterbottom <david.winterbottom@gmail.com>
|
|
Completed a first step in moving reference and how-to material out of
the topic document.
|