From a53175392ff753cc53a4a2d33a5852d113e67363 Mon Sep 17 00:00:00 2001
From: Tim Graham <timograham@gmail.com>
Date: Thu, 24 Dec 2015 11:37:21 -0500
Subject: [PATCH] Refs #13008 -- Forwardported 1.8.8 release note.

Forwardport of b51086d57313e7ea857f4b96b62d25e600ee0a8d from stable/1.8.x
---
 docs/ref/utils.txt      | 4 ++--
 docs/releases/1.8.8.txt | 8 ++++++++
 docs/releases/1.9.txt   | 2 +-
 3 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/docs/ref/utils.txt b/docs/ref/utils.txt
index 369ec6eb51..43d082e47d 100644
--- a/docs/ref/utils.txt
+++ b/docs/ref/utils.txt
@@ -68,9 +68,9 @@ need to distinguish caches by the ``Accept-language`` header.
     Adds a ``Cache-Control: max-age=0, no-cache, no-store, must-revalidate``
     header to a response to indicate that a page should never be cached.
 
-    .. versionchanged:: 1.9
+    .. versionchanged:: 1.8.8
 
-        Before Django 1.9, ``Cache-Control: max-age=0`` was sent. This didn't
+        In older versions, ``Cache-Control: max-age=0`` was sent. This didn't
         reliably prevent caching in all browsers.
 
 .. function:: patch_vary_headers(response, newheaders)
diff --git a/docs/releases/1.8.8.txt b/docs/releases/1.8.8.txt
index e35ed250f5..f3c4e8bba1 100644
--- a/docs/releases/1.8.8.txt
+++ b/docs/releases/1.8.8.txt
@@ -40,3 +40,11 @@ Bugfixes
 
 * Fixed a regression which prevented using a language not in Django's default
   language list (:setting:`LANGUAGES`) (:ticket:`25915`).
+
+* ``django.views.decorators.cache.never_cache()`` now sends more persuasive
+  headers (added ``no-cache, no-store, must-revalidate`` to ``Cache-Control``)
+  to better prevent caching (:ticket:`13008`). This fixes a problem where a
+  page refresh in Firefox cleared the selected entries in the admin's
+  ``filter_horizontal`` and ``filter_vertical`` widgets, which could result
+  in inadvertent data loss if a user didn't notice that and then submitted the
+  form (:ticket:`22955`).
diff --git a/docs/releases/1.9.txt b/docs/releases/1.9.txt
index 587e8861dc..381ea31138 100644
--- a/docs/releases/1.9.txt
+++ b/docs/releases/1.9.txt
@@ -303,7 +303,7 @@ Cache
 
 * :func:`django.views.decorators.cache.never_cache` now sends more persuasive
   headers (added ``no-cache, no-store, must-revalidate`` to ``Cache-Control``)
-  to better prevent caching.
+  to better prevent caching. This was also added in Django 1.8.8.
 
 CSRF
 ^^^^
-- 
2.18.1