Merge branch '5.4' into 6.4

javiereguiluz · javiereguiluz · commit 641c77398750 · 2024-08-26T10:39:01.000+02:00
* 5.4:
  complete list of support content types
diff --git a/reference/configuration/security.rst b/reference/configuration/security.rst
@@ -330,10 +330,10 @@ form_only
 **type**: ``boolean`` **default**: ``false``
 
 Set this option to ``true`` to require that the login data is sent using a form
-(it checks that the request content-type is ``application/x-www-form-urlencoded``).
-This is useful for example to prevent the :ref:`form login authenticator <security-form-login>`
-from responding to requests that should be handled by the
-:ref:`JSON login authenticator <security-json-login>`.
+(it checks that the request content-type is ``application/x-www-form-urlencoded``
+or ``multipart/form-data``). This is useful for example to prevent the
+:ref:`form login authenticator <security-form-login>` from responding to
+requests that should be handled by the :ref:`JSON login authenticator <security-json-login>`.
 
 use_forward
 ...........
