diff options
author | Doug Fish <drfish@us.ibm.com> | 2015-02-09 16:14:19 -0600 |
---|---|---|
committer | Doug Fish <drfish@us.ibm.com> | 2015-02-09 16:14:19 -0600 |
commit | 3331a72e8266d110d63d845547a05abdd1e57350 (patch) | |
tree | 0fda9649ae53a96f83b46ca5d7e3b8aa9155e1d5 /doc | |
parent | 6a1e50853c780f0b79bedd6e7319e1344a72a0f3 (diff) | |
download | horizon-3331a72e8266d110d63d845547a05abdd1e57350.tar.gz |
Fix documentation for setting password_autocomplete
The current documentation suggests setting password_autocomplete by
changing the default value in the code. This patch updates the
doc to specify changing it by setting it in local_settings.py
Change-Id: I22ba2d9c22350acf206fc8113a80d474651beada
Closes-bug: #1420016
Diffstat (limited to 'doc')
-rw-r--r-- | doc/source/topics/deployment.rst | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/doc/source/topics/deployment.rst b/doc/source/topics/deployment.rst index 5a1c8f02e..9665e086b 100644 --- a/doc/source/topics/deployment.rst +++ b/doc/source/topics/deployment.rst @@ -215,7 +215,13 @@ Note that the CSRF_COOKIE_SECURE option is only available from Django 1.4. It does no harm to have the setting in earlier versions, but it does not take effect. You can also disable `browser autocompletion`_ for the authentication form by -changing the ``password_autocomplete`` attribute to ``off`` in ``horizon/conf/default.py`` +modifying the ``HORIZON_CONFIG`` dictionary in ``local_settings.py`` by adding +the key ``password_autocomplete`` with the value ``off`` as shown here:: + + HORIZON_CONFIG = { + ... + 'password_autocomplete': 'off', + } .. _cross-site scripting: https://www.owasp.org/index.php/HttpOnly .. _browser autocompletion: https://wiki.mozilla.org/The_autocomplete_attribute_and_web_documents_using_XHTML |