Fixed typo in path to is_safe_url()

author: Tim Graham <timograham@gmail.com> 2015-02-20 09:20:38 -0500
committer: Tim Graham <timograham@gmail.com> 2015-02-20 09:21:39 -0500
commit: dd0b487872de4e3ff966da51e3610bac996e44f0 (patch)
tree: a2f8155e195e76078e8b85cfdee4db84de17753b /docs/releases/1.4.6.txt
parent: d28bcba209fa3f90f92ce2fd216baf5b5800d143 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/releases/1.4.6.txt b/docs/releases/1.4.6.txt
index e6ed040c42..9aaecb5241 100644
--- a/docs/releases/1.4.6.txt
+++ b/docs/releases/1.4.6.txt
@@ -16,7 +16,7 @@ Django relies on user input in some cases (e.g.
 :func:`django.contrib.auth.views.login`, ``django.contrib.comments``, and
 :doc:`i18n </topics/i18n/index>`) to redirect the user to an "on success" URL.
 The security checks for these redirects (namely
-``django.util.http.is_safe_url()``) didn't check if the scheme is ``http(s)``
+``django.utils.http.is_safe_url()``) didn't check if the scheme is ``http(s)``
 and as such allowed ``javascript:...`` URLs to be entered. If a developer
 relied on ``is_safe_url()`` to provide safe redirect targets and put such a
 URL into a link, they could suffer from a XSS attack. This bug doesn't affect
author	Tim Graham <timograham@gmail.com>	2015-02-20 09:20:38 -0500
committer	Tim Graham <timograham@gmail.com>	2015-02-20 09:21:39 -0500
commit	dd0b487872de4e3ff966da51e3610bac996e44f0 (patch)
tree	a2f8155e195e76078e8b85cfdee4db84de17753b /docs/releases/1.4.6.txt
parent	d28bcba209fa3f90f92ce2fd216baf5b5800d143 (diff)