docs: remove special meaning of 'back' value in res-location.md

bjohansebas · bjohansebas · commit 7c7bc4501df5 · 2025-03-15T15:46:33.000-05:00
diff --git a/_includes/api/en/4x/res-location.md b/_includes/api/en/4x/res-location.md
@@ -8,6 +8,8 @@ res.location('http://example.com')
 res.location('back')
 ```
 
+{% include admonitions/note.html content="`'back'` was deprecated in 4.21.0, use `req.get('Referrer') || '/'` as an argument instead." %}
+
 A `path` value of "back" has a special meaning, it refers to the URL specified in the `Referer` header of the request. If the `Referer` header was not specified, it refers to "/".
 
 See also [Security best practices: Prevent open redirect 
diff --git a/_includes/api/en/5x/res-location.md b/_includes/api/en/5x/res-location.md
@@ -5,14 +5,8 @@ Sets the response `Location` HTTP header to the specified `path` parameter.
 ```js
 res.location('/foo/bar')
 res.location('http://example.com')
-res.location('back')
 ```
 
-A `path` value of "back" has a special meaning, it refers to the URL specified in the `Referer` header of the request. If the `Referer` header was not specified, it refers to "/".
-
-See also [Security best practices: Prevent open redirect 
-vulnerabilities](http://expressjs.com/en/advanced/best-practice-security.html#prevent-open-redirects). 
-
 <div class='doc-box doc-warn' markdown="1">
 After encoding the URL, if not encoded already, Express passes the specified URL to the browser in the `Location` header,
 without any validation.
