Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Improved session code to force creation of a new session key if the g…

…iven session key doesn't exist -- for extra security

git-svn-id: http://code.djangoproject.com/svn/django/trunk@536 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 2972e8b5d5d1cc223e81e4fceef819333bbeb075 1 parent cb02265
Adrian Holovaty authored August 18, 2005

Showing 1 changed file with 3 additions and 0 deletions. Show diff stats Hide diff stats

  1. 3  django/middleware/sessions.py
3  django/middleware/sessions.py
@@ -44,6 +44,9 @@ def _get_session(self):
44 44
                     self._session_cache = s.get_decoded()
45 45
                 except sessions.SessionDoesNotExist:
46 46
                     self._session_cache = {}
  47
+                    # Set the session_key to None to force creation of a new
  48
+                    # key, for extra security.
  49
+                    self.session_key = None
47 50
             return self._session_cache
48 51
 
49 52
     _session = property(_get_session)

0 notes on commit 2972e8b

Please sign in to comment.
Something went wrong with that request. Please try again.