#9977: CSRFMiddleware needs template tag
---------------------------------------------+------------------------------
Reporter: bthomas | Owner: nobody
Status: new | Milestone: 1.1 beta
Component: Uncategorized | Version: SVN
Resolution: | Keywords: csrf
Stage: Design decision needed | Has_patch: 1
Needs_docs: 1 | Needs_tests: 0
Needs_better_patch: 1 |
---------------------------------------------+------------------------------
Comment (by bthomas):
Hm. In my testing, it made a difference. I think the difference was that
in actual use, {{{SessionStore.load()}}} will be called whenever anything
in the session is accessed (like the user id). {{{load()}}} will create a
new session key if the one given is invalid. You could ensure this happens
in the CSRF middleware by accessing {{{SessionStore._session}}} (or any
method that uses it, like {{{__contains__}}}, {{{keys()}}}, etc) before
checking {{{session_key}}}.
--
Ticket URL: <http://code.djangoproject.com/ticket/9977#comment:17>
Django <http://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
