Add a warning about the HMAC thingy for wordpress

author: jvoisin 2021-05-01 17:20:02 +0200
committer: jvoisin 2021-05-01 17:20:02 +0200
commit: 006026b492b119319219cd0e6eb2a6cbdb77c4e6 (patch)
tree: 5dedcd612cbfc8b033915d8a5ecaf34bdf4fcf3f /doc/source/config.rst
parent: 4dc67f99e579d7c6e147a5388b079ca627186bbf (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/source/config.rst b/doc/source/config.rst
index 258b1ab..84e3fa9 100644
--- a/doc/source/config.rst
+++ b/doc/source/config.rst
@@ -164,6 +164,12 @@ It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` m
  sp.unserialize_hmac.enable();
  sp.unserialize_hmac.disable();
+.. warning::
+  This feature breaks web applications doing checks on the serialized
+  representation of data on their own, like `WordPress <https://wordpress.com/>`__.
 .. _config_cookie-encryption:
 Cookies-related mitigations
author	jvoisin	2021-05-01 17:20:02 +0200
committer	jvoisin	2021-05-01 17:20:02 +0200
commit	006026b492b119319219cd0e6eb2a6cbdb77c4e6 (patch)
tree	5dedcd612cbfc8b033915d8a5ecaf34bdf4fcf3f /doc/source/config.rst
parent	4dc67f99e579d7c6e147a5388b079ca627186bbf (diff)

diff --git a/doc/source/config.rst b/doc/source/config.rst index 258b1ab..84e3fa9 100644 --- a/doc/source/config.rst +++ b/doc/source/config.rst
@@ -164,6 +164,12 @@ It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` m
164	sp.unserialize_hmac.enable();	164	sp.unserialize_hmac.enable();
165	sp.unserialize_hmac.disable();	165	sp.unserialize_hmac.disable();
166		166
		167
		168	.. warning::
		169
		170	This feature breaks web applications doing checks on the serialized
		171	representation of data on their own, like `WordPress <https://wordpress.com/>`__.
		172
167	.. _config_cookie-encryption:	173	.. _config_cookie-encryption:
168		174
169	Cookies-related mitigations	175	Cookies-related mitigations