#34571: Request with invalid session after concurrent logout or session timeout
is
considered a BadRequest
-------------------------------------+-------------------------------------
Reporter: Daniel Nunes | Owner: nobody
Type: Uncategorized | Status: closed
Component: contrib.sessions | Version: 3.2
Severity: Normal | Resolution: wontfix
Keywords: session, session | Triage Stage:
bad request | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Natalia Bidart):
* status: new => closed
* resolution: => wontfix
Comment:
Hello! Thank you for your report. Considering that this was explicitly
discussed in the PR you linked, and that Carlton and the rest of the
reviewers were in agreement at the time to treat this as a 400
`BadRequest`, I believe that the best course of action at this point is to
submit a new topic in the [https://forum.djangoproject.com/c/internals/5
Django Forum], explaining your rationale and response status code change
request. I'll close the ticket for now, but if there is agreement/positive
feedback, please add a new comment here referencing the discussion and
we'll be happy to re-open. Thanks!
--
Ticket URL: <https://code.djangoproject.com/ticket/34571#comment:3>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/01070188257fd90d-62d4e473-e830-4c2d-ac67-5ea038609625-000000%40eu-central-1.amazonses.com.
