#25489: SESSION_SAVE_EVERY_REQUEST Appears to have broke in 1.8.4
----------------------------------+--------------------------------------
Reporter: thornomad | Owner: nobody
Type: Uncategorized | Status: new
Component: contrib.sessions | Version: 1.8
Severity: Normal | Resolution:
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
----------------------------------+--------------------------------------
Comment (by carljm):
The one time I used `SESSION_SAVE_EVERY_REQUEST` was because there was a
security requirement for authenticated sessions to expire quickly (a
matter of minutes), but that expiry time needed to be updated on each
request (so the expiry would only occur after inactivity, not in the
middle of usage). Currently `SESSION_SAVE_EVERY_REQUEST` is the only way
to get Django to update the session cookie expiry time on each request.
That use case didn't have any need for saving empty sessions for
unauthenticated users, though.
--
Ticket URL: <https://code.djangoproject.com/ticket/25489#comment:4>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/067.cbd0261b71d647cde99d5dfcc726c000%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
