Permalink
Browse files

Improved session code to force creation of a new session key if the g…

…iven session key doesn't exist -- for extra security

git-svn-id: http://code.djangoproject.com/svn/django/trunk@536 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
1 parent cb02265 commit 2972e8b5d5d1cc223e81e4fceef819333bbeb075 @adrianholovaty adrianholovaty committed Aug 18, 2005
Showing with 3 additions and 0 deletions.
  1. +3 −0 django/middleware/sessions.py
@@ -44,6 +44,9 @@ def _get_session(self):
self._session_cache = s.get_decoded()
except sessions.SessionDoesNotExist:
self._session_cache = {}
+ # Set the session_key to None to force creation of a new
+ # key, for extra security.
+ self.session_key = None
return self._session_cache
_session = property(_get_session)

0 comments on commit 2972e8b

Please sign in to comment.