mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-23 21:59:11 +00:00
Code Issues 32 Releases Wiki Activity

Refs #27468 -- Added tests and release notes for signing.dumps()/loads() changes.

Browse Source 
Follow up to 71c4fb7beb.
This commit is contained in:
Mariusz Felisiak
2020-07-31 07:33:13 +02:00
parent f4ac167119
commit 1d6fdca557
4 changed files with 17 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/releases/3.1.txt
View File

@@ -418,9 +418,10 @@ Security
origins. If you need the previous behavior, explicitly set
:setting:`SECURE_REFERRER_POLICY` to ``None``.
* The default :class:`django.core.signing.Signer` algorithm is changed to the
SHA-256. Support for signatures made with the old SHA-1 algorithm remains
until Django 4.0.
* The default algorithm of :class:`django.core.signing.Signer`,
:meth:`django.core.signing.loads`, and :meth:`django.core.signing.dumps` is
changed to the SHA-256. Support for signatures made with the old SHA-1
algorithm remains until Django 4.0.
Also, the new ``algorithm`` parameter of the
:class:`~django.core.signing.Signer` allows customizing the hashing