From df6760f12c2f08287e2aa7b5ddee6e567ab83220 Mon Sep 17 00:00:00 2001 From: Tim Graham Date: Wed, 13 Nov 2013 07:38:03 -0500 Subject: Added a warning regarding risks in serving user uploaded media. Thanks Preston Holmes for the draft text. --- docs/ref/settings.txt | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'docs/ref') diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt index b9a7fd1a81..c99a7e4347 100644 --- a/docs/ref/settings.txt +++ b/docs/ref/settings.txt @@ -1481,6 +1481,12 @@ to a non-empty value. Example: ``"http://media.example.com/"`` +.. warning:: + + There are security risks if you are accepting uploaded content from + untrusted users! See the security guide's topic on + :ref:`user-uploaded-content-security` for mitigation details. + .. warning:: :setting:`MEDIA_URL` and :setting:`STATIC_URL` must have different -- cgit v1.3