summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorMarc Tamlyn <marc.tamlyn@gmail.com>2013-05-18 18:37:39 +0200
committerMarc Tamlyn <marc.tamlyn@gmail.com>2013-05-19 11:24:35 +0200
commitd9c01da1f8ba3d4e0947fd1d619c8f4a9b013360 (patch)
tree09450df93032c8234345dfdb6cdbaecdf9a829ec /docs
parent2d0e36ae37aa7e017eb4bfe923b3ed3e7a5aa1aa (diff)
Improve cookie based session backend docs.
Note the don't require sessions to be in installed apps.
Diffstat (limited to 'docs')
-rw-r--r--docs/topics/http/sessions.txt7
1 files changed, 7 insertions, 0 deletions
diff --git a/docs/topics/http/sessions.txt b/docs/topics/http/sessions.txt
index 0f2955fadd..268055b6fc 100644
--- a/docs/topics/http/sessions.txt
+++ b/docs/topics/http/sessions.txt
@@ -120,6 +120,13 @@ and the :setting:`SECRET_KEY` setting.
.. note::
+ When using cookies-based sessions :mod:`django.contrib.sessions` can be
+ removed from :setting:`INSTALLED_APPS` setting because data is loaded
+ from the key itself and not from the database, so there is no need for the
+ creation and usage of ``django.contrib.sessions.models.Session`` table.
+
+.. note::
+
It's recommended to leave the :setting:`SESSION_COOKIE_HTTPONLY` setting
``True`` to prevent tampering of the stored data from JavaScript.