Added a warning regarding risks in serving user uploaded media.

Thanks Preston Holmes for the draft text.
2025-10-24 06:06:09 +00:00 · 2013-11-13 07:38:03 -05:00
parent 041a076dad
commit df6760f12c
3 changed files with 58 additions and 4 deletions
--- a/docs/ref/settings.txt
+++ b/docs/ref/settings.txt
@@ -1481,6 +1481,12 @@ to a non-empty value.

 Example: ``"http://media.example.com/"``

+.. warning::
+
+    There are security risks if you are accepting uploaded content from
+    untrusted users! See the security guide's topic on
+    :ref:`user-uploaded-content-security` for mitigation details.
+
 .. warning::

    :setting:`MEDIA_URL` and :setting:`STATIC_URL` must have different