| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Windows: test_clearsessions_command.
The test session without an expiration date added in refs #22938 wasn't
always deleted on Windows because get_expiry_age() returns zero and the
file backend didn't consider that an expired session.
|
|
|
|
| |
file-based sessions.
|
| |
|
|
|
|
|
|
|
|
| |
backends more extensible.
Introduced an AbstractBaseSession model and hooks providing the option
of overriding the model class used by the session store and the session
store class used by the model.
|
|
|
|
|
|
| |
Thanks Florian Apolloner and Carl Meyer for review.
This is a security fix.
|
|
|
|
|
|
|
|
|
| |
loading the session.
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.
This is a security fix; disclosure to follow shortly.
|
|
|
|
|
|
| |
Changed _session_key attribute to a property and implemented basic
validation in the setter. The session key must be 'truthy' and
at least 8 characters long. Otherwise, the value is set to None.
|
|
|
|
|
|
|
|
| |
backend.
This is a security fix; disclosure to follow shortly.
Thanks Sam Cooke for the report and draft patch.
|
|
|
|
| |
SESSION_COOKIE_DOMAIN
|
| |
|
|
|
|
|
| |
Updates for languages: Indonesian, Belarusian, Persian, and Dutch.
Forward port of cb370f8510 from stable/1.8.x
|
|
|
|
|
|
|
|
| |
second argument
Changed SessionBase.pop's second argument to explicitly be default=None
rather than *args since _session is always a dict. Thanks gabor for the
report and Tim Graham for the review.
|
|
|
|
| |
Forward port of 5483c66f85 from stable/1.8.x
|
|
|
|
| |
resilient to unpickling exceptions.
|
| |
|
| |
|
| |
|
|
|
|
| |
Python 3.4.3+
|
|
|
|
| |
Forward port of 666c12e52 from stable/1.8.x
|
| |
|
|
|
|
|
|
|
| |
managers in migration
Thanks to Shai Berger, Loïc Bistuer, Simon Charette, Andrew Godwin,
Tim Graham, Carl Meyer, and others for their review and input.
|
|
|
|
| |
imports to range
|
|
|
|
| |
Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
|
|
|
|
| |
Django test suite.
|
|
|
|
| |
Forward port of e9c8aefbcee5 from stable/1.7.x
|
|
|
|
| |
refs #23395.
|
|
|
|
| |
Forward port of 49280a73ea5 from stable/1.7.x
|
| |
|
| |
|
|
|
|
| |
refs #22170.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
create a new, empty session.
Previously, when logging out, the existing session was overwritten by a
new sessionid instead of deleting the session altogether.
This behavior added overhead by creating a new session record in
whichever backend was in use: db, cache, etc.
This extra session is unnecessary at the time since no session data is
meant to be preserved when explicitly logging out.
|
| |
|
|
|
|
|
|
| |
django.contrib to use title case
Thanks bendavis78 for the report.
|
|
|
|
|
|
| |
in favor of import_string().
Thanks Aymeric Augustin for the suggestion and review.
|
|
|
|
|
| |
Thanks Russell for the report, Marc for the initial patch, Carl for the
final review, and everyone who contributed to the design discussion.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Thanks Curtis Malony and Florian Apolloner.
Squashed commit of the following:
commit 3380495e93f5e81b80a251b03ddb0a80b17685f5
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sat Nov 23 14:18:07 2013 +0100
Looked up the template_fragments cache at runtime.
commit 905a74f52b24a198f802520ff06290a94dedc687
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sat Nov 23 14:19:48 2013 +0100
Removed all uses of create_cache.
Refactored the cache tests significantly.
Made it safe to override the CACHES setting.
commit 35e289fe9285feffed3c60657af9279a6a2cfccc
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sat Nov 23 12:23:57 2013 +0100
Removed create_cache function.
commit 8e274f747a1f1c0c0e6c37873e29067f7fa022e8
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sat Nov 23 12:04:52 2013 +0100
Updated docs to describe a simplified cache backend API.
commit ee7eb0f73e6d4699edcf5d357dce715224525cf6
Author: Curtis Maloney <curtis@tinbrain.net>
Date: Sat Oct 19 09:49:24 2013 +1100
Fixed #21012 -- Thread-local caches, like databases.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Squashed commit of the following:
commit 63ddb271a44df389b2c302e421fc17b7f0529755
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sun Sep 29 22:51:00 2013 +0200
Clarified interactions between atomic and exceptions.
commit 2899ec299228217c876ba3aa4024e523a41c8504
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sun Sep 22 22:45:32 2013 +0200
Fixed TransactionManagementError in tests.
Previous commit introduced an additional check to prevent running
queries in transactions that will be rolled back, which triggered a few
failures in the tests. In practice using transaction.atomic instead of
the low-level savepoint APIs was enough to fix the problems.
commit 4a639b059ea80aeb78f7f160a7d4b9f609b9c238
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Tue Sep 24 22:24:17 2013 +0200
Allowed nesting constraint_checks_disabled inside atomic.
Since MySQL handles transactions loosely, this isn't a problem.
commit 2a4ab1cb6e83391ff7e25d08479e230ca564bfef
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sat Sep 21 18:43:12 2013 +0200
Prevented running queries in transactions that will be rolled back.
This avoids a counter-intuitive behavior in an edge case on databases
with non-atomic transaction semantics.
It prevents using savepoint_rollback() inside an atomic block without
calling set_rollback(False) first, which is backwards-incompatible in
tests.
Refs #21134.
commit 8e3db393853c7ac64a445b66e57f3620a3fde7b0
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sun Sep 22 22:14:17 2013 +0200
Replaced manual savepoints by atomic blocks.
This ensures the rollback flag is handled consistently in internal APIs.
|
|
|
|
| |
Thanks joseph at vertstudios.com for the suggestion.
|
|
|
|
| |
unused imports and local variables
|
|
|
|
| |
SESSION_CACHE_ALIAS
|
|
|
|
|
|
|
|
|
| |
by contrib.sessions
Added settings.SESSION_SERIALIZER which is the import path of a serializer
to use for sessions.
Thanks apollo13, carljm, shaib, akaariai, charettes, and dstufft for reviews.
|