#17225: Salt used for cookie-based sessions isn't consistent with module name
-------------------------------------+-------------------------------------
Reporter: julien | Owner: nobody
Type: | Status: new
Cleanup/optimization | Version:
Component: contrib.sessions | Resolution:
Severity: Normal | Triage Stage:
Keywords: | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by lukeplant):
Changing this would break everyone's signed session cookies. This feature
was added since 1.3, so we are still allowed to change it, but we might
not want to for the sake of those following trunk.
The possibility of a future clash here is pretty minimal - it would only
happen if we also add a django.contrib.sessions.backends.cookies module,
which presumably would be a cookie backend without signing (what would we
want that?), and then also change our mind and use signing with it after
all!
--
Ticket URL: <https://code.djangoproject.com/ticket/17225#comment:2>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
