0
0
mirror of https://github.com/django/django.git synced 2024-12-01 15:42:04 +01:00
Commit Graph

73 Commits

Author SHA1 Message Date
Erik Romijn
e26366da44 Fixed #23149 -- Clarified note on HTTPOnly in cookie-based session docs 2014-08-02 18:55:20 +02:00
Christoph Heer
d47409831f Fixed #23067 -- Updated docs to use django-admin 2014-07-30 14:14:03 -04:00
Tim Graham
7d0519c725 Fixed #23023 -- Added warning against local-memory cache.
Thanks django at kerz.id.au.
2014-07-16 12:34:27 -04:00
Tim Graham
3a85aae2ea Revert "Improve cookie based session backend docs." refs #20418
This reverts commit d9c01da1f8.

This is poor advice as it breaks the test client login (refs #22934).
We can add a note like this back after refs #22986 is resolved.
2014-07-09 13:54:41 -04:00
Matt Robenolt
393c0e2422 Fixed #20936 -- When logging out/ending a session, don't create a new, empty session.
Previously, when logging out, the existing session was overwritten by a
new sessionid instead of deleting the session altogether.

This behavior added overhead by creating a new session record in
whichever backend was in use: db, cache, etc.

This extra session is unnecessary at the time since no session data is
meant to be preserved when explicitly logging out.
2014-05-11 21:42:26 -03:00
Tim Graham
51c8045145 Removed versionadded/changed annotations for 1.6. 2014-03-24 11:42:56 -04:00
Baptiste Mispelon
05d36dc06e Always use parentheses when documenting a method with no arguments. 2014-01-22 22:26:10 +01:00
Tim Graham
4d27d311f6 Fixed a sentence in the session security docs; thanks claudep. 2014-01-03 12:02:58 -05:00
Tim Graham
f3e7ab366c Removed gender-based pronouns per [c0a2daad78]. 2013-11-30 08:37:15 -05:00
Alex Gaynor
4e07d93325 Fixed some unnescesarily gendered language in the docs 2013-11-24 21:05:59 -06:00
Tim Graham
f0fc1690b4 Removed unused import in docs/topics/http/sessions.txt 2013-11-22 15:28:22 -05:00
Tim Graham
9348fc5628 Fixed typo in topics/http/sessions.txt. 2013-11-18 19:10:58 -05:00
Tim Graham
a3372f67cb Added a warning regarding session security and subdomains. 2013-10-18 09:42:45 -04:00
Baptiste Mispelon
e1b7723817 Changed the doc to use gender-neutral pronouns when possible. 2013-10-02 16:41:04 +02:00
Tim Graham
00a0d3de02 Clarified session replay attack differences with cookie backend. 2013-10-02 10:15:18 -04:00
Markus Amalthea Magnuson
2c5c422d34 Added missing "in" in sentence. 2013-09-19 13:26:01 -04:00
CHI Cheng
ed9cd4fd8b Fixed #21000 -- Made cached_db session backend respect SESSION_CACHE_ALIAS 2013-09-05 10:47:58 -04:00
Tim Graham
3baf1d1042 Fixed #21002 -- Documented JSON session serialization requires string keys
Thanks jeroen.pulles at redslider.net for the report.
2013-09-03 07:48:03 -04:00
Tim Graham
be48c6c199 Fixed #20997 -- Added SessionStore note to docs.
Thanks jsdalton.
2013-08-29 14:15:58 -04:00
Andrew Godwin
5569b0b92f Merge remote-tracking branch 'core/master' into schema-alteration
Conflicts:
	django/db/backends/oracle/base.py
	django/db/backends/postgresql_psycopg2/base.py
	django/db/models/signals.py
	tests/queries/tests.py
2013-08-23 12:36:53 +01:00
Tim Graham
b0ce6fe656 Fixed #20922 -- Allowed customizing the serializer used by contrib.sessions
Added settings.SESSION_SERIALIZER which is the import path of a serializer
to use for sessions.

Thanks apollo13, carljm, shaib, akaariai, charettes, and dstufft for reviews.
2013-08-22 13:58:26 -04:00
Andrew Godwin
b6a957f0ba Merge remote-tracking branch 'core/master' into schema-alteration
Conflicts:
	docs/ref/django-admin.txt
2013-08-19 18:30:48 +01:00
Tim Graham
7b69c3e775 Removed versionadded/changed annotations for 1.5 2013-08-19 09:09:41 -04:00
Andrew Godwin
de64c4d6e9 Merge remote-tracking branch 'core/master' into schema-alteration
Conflicts:
	django/core/management/commands/flush.py
	django/core/management/commands/syncdb.py
	django/db/models/loading.py
	docs/internals/deprecation.txt
	docs/ref/django-admin.txt
	docs/releases/1.7.txt
2013-08-09 14:17:30 +01:00
Julien Phalip
47c755327b Fixed a number of minor misspellings. 2013-07-27 18:46:03 -07:00
Andrew Godwin
f8297f6323 More migration docs, and conversion of all easy syncdb references 2013-07-25 16:19:36 +01:00
Aymeric Augustin
753edfa4b5 Fixed a rest mistake I introduced in d5ce2ff. 2013-05-19 12:14:44 +02:00
Marc Tamlyn
d9c01da1f8 Improve cookie based session backend docs.
Note the don't require sessions to be in installed apps.
2013-05-19 11:24:35 +02:00
Erik Romijn
d5ce2ff5e4 Fixed #20444 -- Cookie-based sessions does not include a remote code execution-warning 2013-05-18 16:53:13 +02:00
Juan Catalano
78c842a323 Adapted uses of versionchanged/versionadded to the new form.
Refs #20104.
2013-04-20 17:18:35 +02:00
Baptiste Mispelon
2c27300f34 Fix #20195: wrong reference in session settings documentation. 2013-04-04 18:12:12 +02:00
Tim Graham
fe5d9fe5fe Fixed #19962 - Added a note about SESSION_EXPIRE_AT_BROWSER_CLOSE and browsers that persist sessions.
Thanks David Sanders.
2013-03-02 10:11:23 -05:00
Tim Graham
ba50d3e05b Fixed #14633 - Organized settings reference docs and added a topical index.
Thanks Gabriel Hurley for the original idea
and adamv for the draft patch.
2013-01-12 18:44:53 -05:00
Aymeric Augustin
7ee7599ab3 Removed versionadded/changed annotations dating back to 1.4. 2012-12-29 21:59:08 +01:00
Tim Graham
067505ad19 Fixed broken links, round 4. refs #19516 2012-12-29 15:54:33 -05:00
Aymeric Augustin
146ed13a11 Fixed #17083 -- Allowed sessions to use non-default cache. 2012-10-31 09:46:16 +01:00
Aymeric Augustin
5fec97b9df Fixed #18194 -- Expiration of file-based sessions
* Prevented stale session files from being loaded
* Added removal of stale session files in django-admin.py clearsessions

Thanks ej for the report, crodjer and Elvard for their inputs.
2012-10-28 09:19:38 +01:00
Aymeric Augustin
cd17a24083 Added optional kwargs to get_expiry_age/date.
This change allows for cleaner tests: we can test the exact output.

Refs #18194: this change makes it possible to compute session expiry
dates at times other than when the session is saved.

Fixed #18458: the existence of the `modification` kwarg implies that you
must pass it to get_expiry_age/date if you call these functions outside
of a short request - response cycle (the intended use case).
2012-10-27 23:15:45 +02:00
Aymeric Augustin
83ba0a9d4b Fixed #18978 -- Moved cleanup command to sessions.
This removes a dependency of 'core' on 'contrib'.
2012-10-27 18:31:00 +02:00
Preston Holmes
31dcaf49a0 Fixed an error in cookie documentation 2012-10-17 14:53:21 -07:00
Anssi Kääriäinen
aeda55e6bf Fixed #3881 -- skip saving session when response status is 500
Saving session data is somewhat likely to lead into error when the
status code is 500. It is guaranteed to lead into error if the reason
for the 500 code is query error on PostgreSQL.
2012-07-16 20:57:55 +03:00
Claude Paroz
8a5d1a6b93 Updated obsolete links in the documentation 2012-06-28 10:49:07 +02:00
Aymeric Augustin
17f3e9258e Fixed #18397 -- Avoided referencing lawrence.com.
This commit includes multiple small related changes, see the ticket
for a full discussion.
2012-06-07 11:50:20 +02:00
Aymeric Augustin
5116c51b40 Clarified that Django randomizes session keys. Refs #11555, #13478, #18128.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17911 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-04-15 16:34:13 +00:00
Paul McMillan
4d975b4f88 Fixed #16847. Session Cookies now default to httponly = True.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17135 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-21 22:03:03 +00:00
Jannis Leidel
c20d33201c Fixed #17223 -- Correctly reference the signed cookies session backend. Thanks, Bryan Veloso.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17101 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-17 21:16:42 +00:00
Luke Plant
4209ff1fcd Fixed typo in my last commit.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17005 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-17 15:52:01 +00:00
Luke Plant
6205a348f0 Added warning about replay attacks when using the cookies backend for sessions.
The paragraph about encryption was reworded for clarity.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@17004 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-17 15:43:24 +00:00
Luke Plant
d1e5c55258 Fixed many more ReST indentation errors, somehow accidentally missed from [16955]
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16983 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-14 00:12:01 +00:00
Ramiro Morales
932b1b8d6d Converted links to external topics so they use intersphinx extension markup.
This allows to make these links more resilent to changes in the target URLs.
Thanks Jannis for the report and Aymeric Augustin for the patch.

Fixes #16586.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16720 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-04 21:17:30 +00:00