Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Improved session code to force creation of a new session key if the g…

…iven session key doesn't exist -- for extra security

git-svn-id: http://code.djangoproject.com/svn/django/trunk@536 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 2972e8b5d5d1cc223e81e4fceef819333bbeb075 1 parent cb02265
@adrianholovaty adrianholovaty authored
Showing with 3 additions and 0 deletions.
  1. +3 −0  django/middleware/sessions.py
View
3  django/middleware/sessions.py
@@ -44,6 +44,9 @@ def _get_session(self):
self._session_cache = s.get_decoded()
except sessions.SessionDoesNotExist:
self._session_cache = {}
+ # Set the session_key to None to force creation of a new
+ # key, for extra security.
+ self.session_key = None
return self._session_cache
_session = property(_get_session)
Please sign in to comment.
Something went wrong with that request. Please try again.