From 006026b492b119319219cd0e6eb2a6cbdb77c4e6 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Sat, 1 May 2021 17:20:02 +0200
Subject: Add a warning about the HMAC thingy for wordpress

---
 doc/source/config.rst | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'doc/source')

diff --git a/doc/source/config.rst b/doc/source/config.rst
index 258b1ab..84e3fa9 100644
--- a/doc/source/config.rst
+++ b/doc/source/config.rst
@@ -164,6 +164,12 @@ It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` m
   sp.unserialize_hmac.enable();
   sp.unserialize_hmac.disable();
 
+
+.. warning::
+
+  This feature breaks web applications doing checks on the serialized
+  representation of data on their own, like `WordPress <https://wordpress.com/>`__.
+
 .. _config_cookie-encryption:
 
 Cookies-related mitigations
-- 
cgit v1.3