From 2ee757ee502d5663f932dc5c35175c39af4640ce Mon Sep 17 00:00:00 2001 From: Jacob Walls Date: Tue, 31 Mar 2026 15:43:18 -0400 Subject: Fixed #36862 -- Doc'd the need for a proxy when deploying RemoteUserMiddleware under ASGI. We have a flood of nuisance security reports describing ASGI deployments using RemoteUserMiddleware without a fronting proxy, which is not realistic. --- docs/ref/middleware.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/ref') diff --git a/docs/ref/middleware.txt b/docs/ref/middleware.txt index a9638cf36e..692001ddf8 100644 --- a/docs/ref/middleware.txt +++ b/docs/ref/middleware.txt @@ -582,7 +582,7 @@ Customize the login URL or field name for authenticated views with the Middleware for utilizing web server provided authentication when enabled only on the login page. See :ref:`persistent-remote-user-middleware-howto` - for usage details. + for usage details, including security considerations. CSRF protection middleware -------------------------- -- cgit v1.3