summaryrefslogtreecommitdiff
path: root/tests/sessions_tests
AgeCommit message (Collapse)Author
2018-11-27Made reused RequestFactory instances class attributes.Simon Charette
2018-10-03Refs #27795 -- Removed force_bytes() usage in sessions.Jon Dufresne
SessionBase.decode() is the inverse operation to SessionBase.encode(). As SessionBase.encode() always returns a string, SessionBase.decode() should always be passed a string argument. Fixed the file backend, which was the only backend still passing a bytestring.
2018-05-07Replaced django.test.utils.patch_logger() with assertLogs().Claude Paroz
Thanks Tim Graham for the review.
2018-04-13Fixed #27863 -- Added support for the SameSite cookie flag.Alex Gaynor
Thanks Alex Gaynor for contributing to the patch.
2018-03-16Fixed hanging indentation in various code.Mariusz Felisiak
2018-01-02Fixed #28965 -- Updated Set-Cookie's Expires date format to follow RFC 7231.Alexey
2017-09-25Fixed #27857 -- Dropped support for Python 3.4.Tim Graham
2017-06-01Sorted imports per isort 4.2.9.Tim Graham
2017-05-03Converted sessions_tests to use assertIs() rather than assertTrue/False().Tim Graham
2017-05-03Fixed #28167 -- Fixed cache backend's SessionStore.exists() if session_key ↵Tim Graham
is None.
2017-04-18Refs #28066 -- Fixed nondeterministic ordering test failure in sessions_tests.Mariusz Felisiak
Thanks Tim Graham for the review.
2017-04-17Fixed #28066 -- Prevented SessionBase.cycle_key() from discarding data.InvalidInterrupt
2017-01-25Refs #23919 -- Replaced super(ClassName, self) with super().chillaranand
2017-01-24Removed unneeded force_text calls in the test suiteClaude Paroz
2017-01-19Refs #23919 -- Removed SessionBase.iterkeys(), itervalues(), iteritems().Srinivas Reddy Thatiparthy
These methods only work on Python 2.
2017-01-19Refs #23919 -- Stopped inheriting from object to define new style classes.Simon Charette
2017-01-18Refs #23919 -- Removed most of remaining six usageClaude Paroz
Thanks Tim Graham for the review.
2016-11-10Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings.za
2016-11-01Fixed #27363 -- Replaced unsafe redirect in SessionMiddleware with ↵Andrew Nester
SuspiciousOperation.
2016-08-08Fixed #26764 -- Fixed Session.cycle_key() crash on unaccessed session.Adam Zapletal
2016-06-28Replaced use of TestCase.fail() with assertRaises().Tim Graham
Also removed try/except/fail antipattern that hides exceptions.
2016-06-21Fixed #26783 -- Fixed SessionMiddleware's empty cookie deletion when using ↵Jon Dufresne
SESSION_COOKIE_PATH.
2016-06-16Fixed #26747 -- Used more specific assertions in the Django test suite.Jon Dufresne
2016-04-20Fixed #26520 -- Fixed a regression where SessionBase.pop() didn't return a ↵Tobias Kroenke
KeyError.
2016-04-20Refs #24621 -- Added a test for SessionBase.pop()'s 'default' argument.Nicolas Noé
2016-04-08Fixed E128 flake8 warnings in tests/.Tim Graham
2016-04-04Refs #21608 -- Fixed incorrect cache key in cache session backend's save().Jon Dufresne
The bug was introduced commit 3389c5ea229884a1943873fe7e7ffc2800cefc22.
2016-02-26Fixed #21608 -- Prevented logged out sessions being resurrected by ↵Tore Lundqvist
concurrent requests. Thanks Simon Charette for the review.
2016-02-26Cleaned up session backends tests.Simon Charette
Made SessionTestsMixin backend agnostic and removed code obsoleted by the test discovery refactor.
2016-02-04Stopped registering the sessions tests models to the sessions app.Simon Charette
2016-01-29Refs #26022 -- Used context manager version of assertRaises in tests.Hasan
2015-10-20Fixed quad quoted ("""") docstring starts.John Vandenberg
2015-10-03Fixed #22938 -- Allowed clearsessions to remove file-based sessions.Aleksandra Tarkowska
2015-08-27Fixed #22634 -- Made the database-backed session backends more extensible.Sergey Kolosov
Introduced an AbstractBaseSession model and hooks providing the option of overriding the model class used by the session store and the session store class used by the model.
2015-08-20Added a test to ensure empty sessions are saved.Tim Graham
2015-08-18Fixed DoS possiblity in contrib.auth.views.logout()Tim Graham
Thanks Florian Apolloner and Carl Meyer for review. This is a security fix.
2015-07-08Fixed #19324 -- Avoided creating a session record when loading the session.Carl Meyer
The session record is now only created if/when the session is modified. This prevents a potential DoS via creation of many empty session records. This is a security fix; disclosure to follow shortly.
2015-06-06Fixed #24915 -- Added stricter session key validationDavid Bannon
Changed _session_key attribute to a property and implemented basic validation in the setter. The session key must be 'truthy' and at least 8 characters long. Otherwise, the value is set to None.
2015-05-20Fixed incorrect session.flush() in cached_db session backend.Tim Graham
This is a security fix; disclosure to follow shortly. Thanks Sam Cooke for the report and draft patch.
2015-05-15Fixed #24799 -- Fixed session cookie deletion when using SESSION_COOKIE_DOMAINBo Lopker
2015-03-31Fixed sessions test on Python 3.5; refs #23763.Tim Graham
SimpleCookie.__repr__() changed in https://hg.python.org/cpython/rev/88e1151e8e02
2015-03-12Fixed #24468 -- Made signed cookies cache backend resilient to unpickling ↵Tim Graham
exceptions.
2015-02-11Moved contrib.sessions tests out of contrib.Tim Graham