summaryrefslogtreecommitdiff
path: root/django
diff options
context:
space:
mode:
authorMalcolm Tredinnick <malcolm.tredinnick@gmail.com>2007-10-20 05:13:56 +0000
committerMalcolm Tredinnick <malcolm.tredinnick@gmail.com>2007-10-20 05:13:56 +0000
commite172e7be57af5ecdddf7c80361eed27d4658a9cd (patch)
tree78c71cbe8de391d3be3eef91c9a91479ad90eb1d /django
parent1a1a39738a532bf1e9ab6c603b4dc2c3ec9fd999 (diff)
Fixed #4724 -- Added support for configurable session cookie paths. Helps with
multiple Django installs under the same hostname. Thanks, frej and Graham Dumpleton. git-svn-id: http://code.djangoproject.com/svn/django/trunk@6545 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'django')
-rw-r--r--django/conf/global_settings.py1
-rw-r--r--django/contrib/sessions/middleware.py12
2 files changed, 8 insertions, 5 deletions
diff --git a/django/conf/global_settings.py b/django/conf/global_settings.py
index b3cbf095c3..6779dbd6a8 100644
--- a/django/conf/global_settings.py
+++ b/django/conf/global_settings.py
@@ -275,6 +275,7 @@ SESSION_COOKIE_NAME = 'sessionid' # Cookie name. This can
SESSION_COOKIE_AGE = 60 * 60 * 24 * 7 * 2 # Age of cookie, in seconds (default: 2 weeks).
SESSION_COOKIE_DOMAIN = None # A string like ".lawrence.com", or None for standard domain cookie.
SESSION_COOKIE_SECURE = False # Whether the session cookie should be secure (https:// only).
+SESSION_COOKIE_PATH = '/' # The path of the session cookie.
SESSION_SAVE_EVERY_REQUEST = False # Whether to save the session data on every request.
SESSION_EXPIRE_AT_BROWSER_CLOSE = False # Whether sessions expire when a user closes his browser.
SESSION_ENGINE = 'django.contrib.sessions.backends.db' # The module to store session data
diff --git a/django/contrib/sessions/middleware.py b/django/contrib/sessions/middleware.py
index 4c3c5acc43..7b6c826805 100644
--- a/django/contrib/sessions/middleware.py
+++ b/django/contrib/sessions/middleware.py
@@ -31,7 +31,7 @@ class SessionMiddleware(object):
else:
max_age = settings.SESSION_COOKIE_AGE
rfcdate = formatdate(time.time() + settings.SESSION_COOKIE_AGE)
-
+
# Fixed length date must have '-' separation in the format
# DD-MMM-YYYY for compliance with Netscape cookie standard
expires = datetime.datetime.strftime(datetime.datetime.utcnow() + \
@@ -39,8 +39,10 @@ class SessionMiddleware(object):
# Save the seesion data and refresh the client cookie.
request.session.save()
- response.set_cookie(settings.SESSION_COOKIE_NAME, request.session.session_key,
- max_age=max_age, expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
- secure=settings.SESSION_COOKIE_SECURE or None)
-
+ response.set_cookie(settings.SESSION_COOKIE_NAME,
+ request.session.session_key, max_age=max_age,
+ expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
+ path=settings.SESSION_COOKIE_PATH,
+ secure=settings.SESSION_COOKIE_SECURE or None)
+
return response