[3.0.x] Doc'd HttpResponse.set_cookie()'s secure argument.

danidee10 · felixxm · commit 33d2cda672f2 · 2019-12-13T11:06:47.000+01:00
Backport of 14e690a from master
diff --git a/docs/ref/request-response.txt b/docs/ref/request-response.txt
@@ -821,6 +821,8 @@ Methods
       ``domain="example.com"`` will set a cookie that is readable by the
       domains www.example.com, blog.example.com, etc. Otherwise, a cookie will
       only be readable by the domain that set it.
+    * Use ``secure=True`` if you want the cookie to be only sent to the server
+      when a request is made with the ``https`` scheme.
     * Use ``httponly=True`` if you want to prevent client-side
       JavaScript from having access to the cookie.
 
