Fixed #27604 -- Used the cookie signer to sign message cookies.

Co-authored-by: Craig Anderson <craiga@craiga.id.au>
2025-10-24 06:06:09 +00:00 · 2020-01-30 23:11:09 +01:00
parent bcc9fa2528
commit 8ae84156d6
4 changed files with 48 additions and 12 deletions
--- a/docs/internals/deprecation.txt
+++ b/docs/internals/deprecation.txt
@@ -46,6 +46,9 @@ details on these changes.

 * The ``HttpRequest.is_ajax()`` method will be removed.

+* Support for the pre-Django 3.1 encoding format of cookies values used by
+  ``django.contrib.messages.storage.cookie.CookieStorage`` will be removed.
+
 See the :ref:`Django 3.1 release notes <deprecated-features-3.1>` for more
 details on these changes.

--- a/docs/releases/3.1.txt
+++ b/docs/releases/3.1.txt
@@ -482,6 +482,11 @@ Miscellaneous
  the new :meth:`.HttpRequest.accepts` method if your code depends on the
  client ``Accept`` HTTP header.

+* The encoding format of cookies values used by
+  :class:`~django.contrib.messages.storage.cookie.CookieStorage` is different
+  from the format generated by older versions of Django. Support for the old
+  format remains until Django 4.0.
+
 .. _removed-features-3.1:

 Features removed in 3.1