Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Browse files

Improve cookie based session backend docs.

Note the don't require sessions to be in installed apps.
  • Loading branch information...
1 parent 2d0e36a commit d9c01da1f8ba3d4e0947fd1d619c8f4a9b013360 @mjtamlyn mjtamlyn committed
Showing with 7 additions and 0 deletions.
  1. +7 −0 docs/topics/http/sessions.txt
7 docs/topics/http/sessions.txt
@@ -120,6 +120,13 @@ and the :setting:`SECRET_KEY` setting.
.. note::
+ When using cookies-based sessions :mod:`django.contrib.sessions` can be
+ removed from :setting:`INSTALLED_APPS` setting because data is loaded
+ from the key itself and not from the database, so there is no need for the
+ creation and usage of ``django.contrib.sessions.models.Session`` table.
+.. note::
It's recommended to leave the :setting:`SESSION_COOKIE_HTTPONLY` setting
``True`` to prevent tampering of the stored data from JavaScript.

0 comments on commit d9c01da

Please sign in to comment.
Something went wrong with that request. Please try again.