| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
file-based sessions.
|
|
|
|
|
|
|
|
| |
backends more extensible.
Introduced an AbstractBaseSession model and hooks providing the option
of overriding the model class used by the session store and the session
store class used by the model.
|
| |
|
|
|
|
|
|
| |
Thanks Florian Apolloner and Carl Meyer for review.
This is a security fix.
|
|
|
|
|
|
|
|
|
| |
loading the session.
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.
This is a security fix; disclosure to follow shortly.
|
|
|
|
|
|
| |
Changed _session_key attribute to a property and implemented basic
validation in the setter. The session key must be 'truthy' and
at least 8 characters long. Otherwise, the value is set to None.
|
|
|
|
|
|
|
|
| |
backend.
This is a security fix; disclosure to follow shortly.
Thanks Sam Cooke for the report and draft patch.
|
|
|
|
| |
SESSION_COOKIE_DOMAIN
|
|
|
|
|
| |
SimpleCookie.__repr__() changed in
https://hg.python.org/cpython/rev/88e1151e8e02
|
|
|
|
| |
resilient to unpickling exceptions.
|
|
|