diff options
Diffstat (limited to 'docs/releases/1.5.8.txt')
| -rw-r--r-- | docs/releases/1.5.8.txt | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/releases/1.5.8.txt b/docs/releases/1.5.8.txt index 16d3db65cd..93ad815cec 100644 --- a/docs/releases/1.5.8.txt +++ b/docs/releases/1.5.8.txt @@ -39,7 +39,7 @@ Django relies on user input in some cases (e.g. :func:`django.contrib.auth.views.login`, ``django.contrib.comments``, and :doc:`i18n </topics/i18n/index>`) to redirect the user to an "on success" URL. The security checks for these redirects (namely -``django.util.http.is_safe_url()``) did not correctly validate some malformed +``django.utils.http.is_safe_url()``) did not correctly validate some malformed URLs, such as `http:\\\\\\djangoproject.com`, which are accepted by some browsers with more liberal URL parsing. |