Refs #27468 -- Updated django.core.signing docstring.

Follow up to 71c4fb7beb8e3293243140e4bd74e53989196440.
2025-03-18 13:20:46 +00:00 · 2022-02-17 10:01:41 +01:00 · 2022-02-17 10:01:41 +01:00 · a94ae4cb11
commit a94ae4cb11
parent 1e2e1be02b
1 changed files with 3 additions and 3 deletions
--- a/django/core/signing.py
+++ b/django/core/signing.py
@ -8,16 +8,16 @@ The format used looks like this:

 There are two components here, separated by a ':'. The first component is a
 URLsafe base64 encoded JSON of the object passed to dumps(). The second
-component is a base64 encoded hmac/SHA1 hash of "$first_component:$secret"
+component is a base64 encoded hmac/SHA-256 hash of "$first_component:$secret"

 signing.loads(s) checks the signature and returns the deserialized object.
 If the signature fails, a BadSignature exception is raised.

 >>> signing.loads("ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk")
 'hello'
->>> signing.loads("ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk-modified")
+>>> signing.loads("ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv42-modified")
 ...
-BadSignature: Signature failed: ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv422nZA4sgmk-modified
+BadSignature: Signature "ImhlbGxvIg:1QaUZC:YIye-ze3TTx7gtSv42-modified" does not match

 You can optionally compress the JSON prior to base64 encoding it to save
 space, using the compress=True argument. This checks if compression actually