diff options
| author | Marc Tamlyn <marc.tamlyn@gmail.com> | 2013-05-18 18:37:39 +0200 |
|---|---|---|
| committer | Marc Tamlyn <marc.tamlyn@gmail.com> | 2013-05-19 11:24:35 +0200 |
| commit | d9c01da1f8ba3d4e0947fd1d619c8f4a9b013360 (patch) | |
| tree | 09450df93032c8234345dfdb6cdbaecdf9a829ec /docs | |
| parent | 2d0e36ae37aa7e017eb4bfe923b3ed3e7a5aa1aa (diff) | |
Improve cookie based session backend docs.
Note the don't require sessions to be in installed apps.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/topics/http/sessions.txt | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/docs/topics/http/sessions.txt b/docs/topics/http/sessions.txt index 0f2955fadd..268055b6fc 100644 --- a/docs/topics/http/sessions.txt +++ b/docs/topics/http/sessions.txt @@ -120,6 +120,13 @@ and the :setting:`SECRET_KEY` setting. .. note:: + When using cookies-based sessions :mod:`django.contrib.sessions` can be + removed from :setting:`INSTALLED_APPS` setting because data is loaded + from the key itself and not from the database, so there is no need for the + creation and usage of ``django.contrib.sessions.models.Session`` table. + +.. note:: + It's recommended to leave the :setting:`SESSION_COOKIE_HTTPONLY` setting ``True`` to prevent tampering of the stored data from JavaScript. |
