summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFlorian Apolloner <florian@apolloner.eu>2020-02-04 08:59:41 +0100
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2020-02-04 09:06:55 +0100
commit75daea2fc24da1c987d4fd979adb31a2c5a29d22 (patch)
treea9cf1b272226ddca2d29a75f22fa48e34f9a3f9f
parent8ae84156d62bfc24d71e65cfe4d5cb84b9b1bd91 (diff)
Refs #27604 -- Fixed loading of legacy cookie hashes when CookieStorage.key_salt is changed.
This partially reverts bcc9fa25285f506666fa5074fc43c7114d61bb79 to not break legacy hashes when key_salt is actually changed.
-rw-r--r--django/contrib/messages/storage/cookie.py6
1 files changed, 5 insertions, 1 deletions
diff --git a/django/contrib/messages/storage/cookie.py b/django/contrib/messages/storage/cookie.py
index 5f0366fb19..78256ca3b2 100644
--- a/django/contrib/messages/storage/cookie.py
+++ b/django/contrib/messages/storage/cookie.py
@@ -129,7 +129,11 @@ class CookieStorage(BaseStorage):
Create an HMAC/SHA1 hash based on the value and the project setting's
SECRET_KEY, modified to make it unique for the present purpose.
"""
- return salted_hmac(self.key_salt, value).hexdigest()
+ # The class wide key salt is not reused here since older Django
+ # versions had it fixed and making it dynamic would break old hashes if
+ # self.key_salt is changed.
+ key_salt = 'django.contrib.messages'
+ return salted_hmac(key_salt, value).hexdigest()
def _encode(self, messages, encode_empty=False):
"""