Ticket #3304: django_p26_patch.diff
| File django_p26_patch.diff, 2.5 KB (added by , 15 years ago) |
|---|
-
http/__init__.py
342 342 return self._headers.get(header.lower(), (None, alternate))[1] 343 343 344 344 def set_cookie(self, key, value='', max_age=None, expires=None, path='/', 345 domain=None, secure=False ):345 domain=None, secure=False, httponly=None): 346 346 self.cookies[key] = value 347 347 if max_age is not None: 348 348 self.cookies[key]['max-age'] = max_age … … 354 354 self.cookies[key]['domain'] = domain 355 355 if secure: 356 356 self.cookies[key]['secure'] = True 357 if httponly and self.cookies[key].has_key('httponly'):#python 2.6 only 358 self.cookies[key]['httponly'] = True 357 359 358 360 def delete_cookie(self, key, path='/', domain=None): 359 361 self.set_cookie(key, max_age=0, path=path, domain=domain, -
conf/global_settings.py
316 316 SESSION_COOKIE_PATH = '/' # The path of the session cookie. 317 317 SESSION_SAVE_EVERY_REQUEST = False # Whether to save the session data on every request. 318 318 SESSION_EXPIRE_AT_BROWSER_CLOSE = False # Whether a user's session cookie expires when the Web browser is closed. 319 SESSION_HTTP_ONLY = False # Whether to use the non-RFC standard httpOnly flag (IE, FF3+, others) 319 320 SESSION_ENGINE = 'django.contrib.sessions.backends.db' # The module to store session data 320 321 SESSION_FILE_PATH = None # Directory to store session files if using the file session module. If None, the backend will use a sensible default. 321 322 -
contrib/sessions/middleware.py
38 38 request.session.session_key, max_age=max_age, 39 39 expires=expires, domain=settings.SESSION_COOKIE_DOMAIN, 40 40 path=settings.SESSION_COOKIE_PATH, 41 secure=settings.SESSION_COOKIE_SECURE or None) 41 secure=settings.SESSION_COOKIE_SECURE or None, 42 httponly=settings.SESSION_HTTP_ONLY or None) 42 43 return response