diff options
Diffstat (limited to 'docs/releases/1.4.6.txt')
| -rw-r--r-- | docs/releases/1.4.6.txt | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/releases/1.4.6.txt b/docs/releases/1.4.6.txt index e6ed040c42..9aaecb5241 100644 --- a/docs/releases/1.4.6.txt +++ b/docs/releases/1.4.6.txt @@ -16,7 +16,7 @@ Django relies on user input in some cases (e.g. :func:`django.contrib.auth.views.login`, ``django.contrib.comments``, and :doc:`i18n </topics/i18n/index>`) to redirect the user to an "on success" URL. The security checks for these redirects (namely -``django.util.http.is_safe_url()``) didn't check if the scheme is ``http(s)`` +``django.utils.http.is_safe_url()``) didn't check if the scheme is ``http(s)`` and as such allowed ``javascript:...`` URLs to be entered. If a developer relied on ``is_safe_url()`` to provide safe redirect targets and put such a URL into a link, they could suffer from a XSS attack. This bug doesn't affect |