mirrors
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues 24 Releases Wiki Activity

Refs #27604 -- Fixed loading of legacy cookie hashes when CookieStorage.key_salt is changed. 

This partially reverts bcc9fa2528 to
not break legacy hashes when key_salt is actually changed.
This commit is contained in:
Florian Apolloner 2020-02-04 08:59:41 +01:00 committed by Mariusz Felisiak
parent 8ae84156d6
commit 75daea2fc2
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
django/contrib/messages/storage/cookie.py
View File

@ -129,7 +129,11 @@ class CookieStorage(BaseStorage):
Create an HMAC/SHA1 hash based on the value and the project setting's Create an HMAC/SHA1 hash based on the value and the project setting's
SECRET_KEY, modified to make it unique for the present purpose. SECRET_KEY, modified to make it unique for the present purpose.
""" """
return salted_hmac(self.key_salt, value).hexdigest() # The class wide key salt is not reused here since older Django
# versions had it fixed and making it dynamic would break old hashes if
# self.key_salt is changed.
key_salt = 'django.contrib.messages'
return salted_hmac(key_salt, value).hexdigest()
def _encode(self, messages, encode_empty=False): def _encode(self, messages, encode_empty=False):
""" """