1
0
mirror of https://github.com/django/django.git synced 2025-01-18 14:24:39 +00:00
Carl Meyer df049ed77a Fixed -- Avoided creating a session record when loading the session.
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
..