mirror of
https://github.com/django/django.git
synced 2024-12-26 11:06:07 +00:00
Improved session code to force creation of a new session key if the given session key doesn't exist -- for extra security
git-svn-id: http://code.djangoproject.com/svn/django/trunk@536 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
cb022650e7
commit
2972e8b5d5
@ -44,6 +44,9 @@ class SessionWrapper(object):
|
||||
self._session_cache = s.get_decoded()
|
||||
except sessions.SessionDoesNotExist:
|
||||
self._session_cache = {}
|
||||
# Set the session_key to None to force creation of a new
|
||||
# key, for extra security.
|
||||
self.session_key = None
|
||||
return self._session_cache
|
||||
|
||||
_session = property(_get_session)
|
||||
|
Loading…
Reference in New Issue
Block a user