From eb76cae6fdb6c1b0bfcace17d0dec946fe767f84 Mon Sep 17 00:00:00 2001 From: Soul Lee Date: Mon, 15 Apr 2024 20:10:17 +0900 Subject: [PATCH] Update SessionMiddleware and TrustedHostMiddleware Documentation (#2572) * Add 'path' argument in SessionMiddleware docs to reflect its presence in the code. * Add 'www_redirect' argument in TrustedHostMiddleware docs to reflect its presence in the code. --- docs/middleware.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/middleware.md b/docs/middleware.md index dfe0a70d7..ea6a2b9c2 100644 --- a/docs/middleware.md +++ b/docs/middleware.md @@ -104,6 +104,7 @@ The following arguments are supported: * `session_cookie` - Defaults to "session". * `max_age` - Session expiry time in seconds. Defaults to 2 weeks. If set to `None` then the cookie will last as long as the browser session. * `same_site` - SameSite flag prevents the browser from sending session cookie along with cross-site requests. Defaults to `'lax'`. +* `path` - The path set for the session cookie. Defaults to `'/'`. * `https_only` - Indicate that Secure flag should be set (can be used with HTTPS only). Defaults to `False`. * `domain` - Domain of the cookie used to share cookie between subdomains or cross-domains. The browser defaults the domain to the same host that set the cookie, excluding subdomains [refrence](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#domain_attribute). @@ -167,6 +168,7 @@ The following arguments are supported: * `allowed_hosts` - A list of domain names that should be allowed as hostnames. Wildcard domains such as `*.example.com` are supported for matching subdomains. To allow any hostname either use `allowed_hosts=["*"]` or omit the middleware. +* `www_redirect` - If set to True, requests to non-www versions of the allowed hosts will be redirected to their www counterparts. Defaults to `True`. If an incoming request does not validate correctly then a 400 response will be sent.