Hi,

Since my last check in I worked on improvements to
contrib.sessions:

 - Introduction of signing framework
 - Session expiry checks (for Ticket [#18194][0]
 - And some other trivial patches.

The tests (existing and the one which I added) are passing.

These changes are in my [Pull Request #78][1] over github.
Paul, could you please review it to see if the patches are usable.

Next, I'll make the changes which may be required in documentation
because of the above.
Today is official start date of the GSoC project, so I'll now start
concentrating more on the project now.

Rohan Jain

[0]: https://code.djangoproject.com/ticket/18194
[1]: https://github.com/django/django/pull/78

On Mon, May 7, 2012 at 12:21 PM, Rohan Jain <crod...@gmail.com> wrote:
> Hi,
>
> Last week I looked into the Ticket [#18194][0]:
>
>  - Trivial attempts to handle the issue.
>  - Wrote a minor initial patch.
>  - The test fails for Cache and Cookie backend.
>
> Also, I looked at the talks from Paul regarding advanced security
> topics at py/django cons. Realised that why I should not attempt
> anything related to encryption in my project.
>
> There is high academic pressure currently, so I am not able to give
> enough time to these. I think the situation will be better this
> weekend onwards.
>
> I'll try to work on:
>
>  - Write tests which emulate the problem in #18194 well, and then work
> on the final fix.
>  - Start looking into resources useful for my project, like [The
> Tangled Web][1].
>
> Rohan Jain
>
>
> [0]: https://code.djangoproject.com/ticket/18194
> [1]: http://www.amazon.com/The-Tangled-Web-Securing-Applications/dp/1593273886

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Reply via email to