id,summary,reporter,owner,description,type,status,component,version,severity,resolution,keywords,cc,stage,has_patch,needs_docs,needs_tests,needs_better_patch,easy,ui_ux 20887,Document GzipMiddleware security issues,Daniele Procida,Tim Graham,"https://docs.djangoproject.com/en/dev/ref/middleware/#django.middleware.gzip.GZipMiddleware doesn't provide any caveats. https://docs.djangoproject.com/en/dev/topics/cache/#other-optimizations seems to say that GZipMiddleware is a jolly good idea. In light of https://code.djangoproject.com/ticket/20869 and https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/, what should the docs have to say about using it? If there is a security issue presented by it right now, what should be done about the existing 1.5 (or even earlier) documentation that mentions it?",Bug,closed,Documentation,dev,Normal,fixed,,,Accepted,0,0,0,0,0,0