[pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
This commit is contained in:
parent
c40974bf11
commit
98de3be5fe
1 changed files with 4 additions and 4 deletions
|
|
@ -213,12 +213,12 @@ There are a few differences from the ``register`` view:
|
||||||
session. The data is stored in a *cookie* that is sent to the
|
session. The data is stored in a *cookie* that is sent to the
|
||||||
browser, and the browser then sends it back with subsequent requests.
|
browser, and the browser then sends it back with subsequent requests.
|
||||||
Flask securely *signs* the data so that it can't be tampered with.
|
Flask securely *signs* the data so that it can't be tampered with.
|
||||||
|
|
||||||
In this tutorial - for debugging purposes - the error messages are explicit
|
In this tutorial - for debugging purposes - the error messages are explicit
|
||||||
about the origin of the corresponding failure: a user already exists, the password
|
about the origin of the corresponding failure: a user already exists, the password
|
||||||
is incorrect or the username does not exist. In a real world application, it is discouraged
|
is incorrect or the username does not exist. In a real world application, it is discouraged
|
||||||
to do so, as this information might be helpful to potential attackers. To learn more about
|
to do so, as this information might be helpful to potential attackers. To learn more about
|
||||||
secure handling of error messages, see the
|
secure handling of error messages, see the
|
||||||
[OWASP recommendations](https://owasp.org/www-project-proactive-controls/v3/en/c10-errors-exceptions).
|
[OWASP recommendations](https://owasp.org/www-project-proactive-controls/v3/en/c10-errors-exceptions).
|
||||||
|
|
||||||
Now that the user's ``id`` is stored in the :data:`session`, it will be
|
Now that the user's ``id`` is stored in the :data:`session`, it will be
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue