Update SessionMiddleware and TrustedHostMiddleware Documentation (#2572)

* Add 'path' argument in SessionMiddleware docs to reflect its presence in the code.

* Add 'www_redirect' argument in TrustedHostMiddleware docs to reflect its presence in the code.

diff --git a/docs/middleware.md b/docs/middleware.md
index dfe0a70d7bb5682beb5203c5293cc316559a3fdb..ea6a2b9c211a5861aa89fd5ffe21f71b8da94fb9 100644 (file)
--- a/docs/middleware.md
+++ b/docs/middleware.md
@@ -104,6 +104,7 @@ The following arguments are supported:
 * `session_cookie` - Defaults to "session".
 * `max_age` - Session expiry time in seconds. Defaults to 2 weeks. If set to `None` then the cookie will last as long as the browser session.
 * `same_site` - SameSite flag prevents the browser from sending session cookie along with cross-site requests. Defaults to `'lax'`.
+* `path` - The path set for the session cookie. Defaults to `'/'`.
 * `https_only` - Indicate that Secure flag should be set (can be used with HTTPS only). Defaults to `False`.
 * `domain` - Domain of the cookie used to share cookie between subdomains or cross-domains. The browser defaults the domain to the same host that set the cookie, excluding subdomains [refrence](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#domain_attribute).
 
@@ -167,6 +168,7 @@ The following arguments are supported:
 * `allowed_hosts` - A list of domain names that should be allowed as hostnames. Wildcard
 domains such as `*.example.com` are supported for matching subdomains. To allow any
 hostname either use `allowed_hosts=["*"]` or omit the middleware.
+* `www_redirect` - If set to True, requests to non-www versions of the allowed hosts will be redirected to their www counterparts. Defaults to `True`.
 
 If an incoming request does not validate correctly then a 400 response will be sent.