Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Improve cookie based session backend docs.

Note the don't require sessions to be in installed apps.
  • Loading branch information...
commit d9c01da1f8ba3d4e0947fd1d619c8f4a9b013360 1 parent 2d0e36a
@mjtamlyn mjtamlyn authored
Showing with 7 additions and 0 deletions.
  1. +7 −0 docs/topics/http/sessions.txt
View
7 docs/topics/http/sessions.txt
@@ -120,6 +120,13 @@ and the :setting:`SECRET_KEY` setting.
.. note::
+ When using cookies-based sessions :mod:`django.contrib.sessions` can be
+ removed from :setting:`INSTALLED_APPS` setting because data is loaded
+ from the key itself and not from the database, so there is no need for the
+ creation and usage of ``django.contrib.sessions.models.Session`` table.
+
+.. note::
+
It's recommended to leave the :setting:`SESSION_COOKIE_HTTPONLY` setting
``True`` to prevent tampering of the stored data from JavaScript.
Please sign in to comment.
Something went wrong with that request. Please try again.