diff options
| author | David Lord <davidism@gmail.com> | 2019-08-04 21:29:28 -0700 |
|---|---|---|
| committer | David Lord <davidism@gmail.com> | 2019-08-04 21:29:28 -0700 |
| commit | 5a455d5f2ec0228ebe633e7dfa979c4aff19c90f (patch) | |
| tree | 3dc253738aef12a16f73f2fb873c6bff7d77f532 /docs/index.rst | |
| parent | c880f85ccdaee29adab8b47ad79eb7bdec507b57 (diff) | |
| parent | 7857e870a5bab1b3bdf16abd3a7ecce2646ca1b2 (diff) | |
| download | itsdangerous-5a455d5f2ec0228ebe633e7dfa979c4aff19c90f.tar.gz | |
Merge branch '1.1.x'
Diffstat (limited to 'docs/index.rst')
| -rw-r--r-- | docs/index.rst | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/docs/index.rst b/docs/index.rst index 3a98d0b..c5b16cb 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -1,23 +1,23 @@ .. rst-class:: hide-header -itsdangerous +ItsDangerous ============ .. image:: _static/itsdangerous-logo.png :align: center :target: https://palletsprojects.com/p/itsdangerous/ -Sometimes you just want to send some data to untrusted environments. But -how to do this safely? The trick involves signing. Given a key only you -know, you can cryptographically sign your data and hand it over to someone -else. When you get the data back you can easily ensure that nobody tampered -with it. +Sometimes you just want to send some data to untrusted environments. But +how to do this safely? The trick involves signing. Given a key only you +know, you can cryptographically sign your data and hand it over to +someone else. When you get the data back you can easily ensure that +nobody tampered with it. Granted, the receiver can decode the contents and look into the package, but they can not modify the contents unless they also have your secret -key. So if you keep the key secret and complex, you will be fine. +key. So if you keep the key secret and complex, you will be fine. -Internally itsdangerous uses HMAC and SHA-512 for signing by default. +Internally ItsDangerous uses HMAC and SHA-512 for signing by default. The initial implementation was inspired by `Django's signing module <https://docs.djangoproject.com/en/dev/topics/signing/>`_. It also supports JSON Web Signatures (JWS). The library is BSD licensed. @@ -45,7 +45,7 @@ Example Use Cases - Signed objects can be stored in cookies or other untrusted sources which means you don't need to have sessions stored on the server, which reduces the number of necessary database queries. -- Signed information can safely do a roundtrip between server and +- Signed information can safely do a round trip between server and client in general which makes them useful for passing server-side state to a client and then back. |