summaryrefslogtreecommitdiff
path: root/tests/sessions_tests
AgeCommit message (Collapse)Author
2016-04-20Fixed #26520 -- Fixed a regression where SessionBase.pop() didn't return a ↵Tobias Kroenke
KeyError.
2016-04-20Refs #24621 -- Added a test for SessionBase.pop()'s 'default' argument.Nicolas Noé
2016-04-08Fixed E128 flake8 warnings in tests/.Tim Graham
2016-04-04Refs #21608 -- Fixed incorrect cache key in cache session backend's save().Jon Dufresne
The bug was introduced commit 3389c5ea229884a1943873fe7e7ffc2800cefc22.
2016-02-26Fixed #21608 -- Prevented logged out sessions being resurrected by ↵Tore Lundqvist
concurrent requests. Thanks Simon Charette for the review.
2016-02-26Cleaned up session backends tests.Simon Charette
Made SessionTestsMixin backend agnostic and removed code obsoleted by the test discovery refactor.
2016-02-04Stopped registering the sessions tests models to the sessions app.Simon Charette
2016-01-29Refs #26022 -- Used context manager version of assertRaises in tests.Hasan
2015-10-20Fixed quad quoted ("""") docstring starts.John Vandenberg
2015-10-03Fixed #22938 -- Allowed clearsessions to remove file-based sessions.Aleksandra Tarkowska
2015-08-27Fixed #22634 -- Made the database-backed session backends more extensible.Sergey Kolosov
Introduced an AbstractBaseSession model and hooks providing the option of overriding the model class used by the session store and the session store class used by the model.
2015-08-20Added a test to ensure empty sessions are saved.Tim Graham
2015-08-18Fixed DoS possiblity in contrib.auth.views.logout()Tim Graham
Thanks Florian Apolloner and Carl Meyer for review. This is a security fix.
2015-07-08Fixed #19324 -- Avoided creating a session record when loading the session.Carl Meyer
The session record is now only created if/when the session is modified. This prevents a potential DoS via creation of many empty session records. This is a security fix; disclosure to follow shortly.
2015-06-06Fixed #24915 -- Added stricter session key validationDavid Bannon
Changed _session_key attribute to a property and implemented basic validation in the setter. The session key must be 'truthy' and at least 8 characters long. Otherwise, the value is set to None.
2015-05-20Fixed incorrect session.flush() in cached_db session backend.Tim Graham
This is a security fix; disclosure to follow shortly. Thanks Sam Cooke for the report and draft patch.
2015-05-15Fixed #24799 -- Fixed session cookie deletion when using SESSION_COOKIE_DOMAINBo Lopker
2015-03-31Fixed sessions test on Python 3.5; refs #23763.Tim Graham
SimpleCookie.__repr__() changed in https://hg.python.org/cpython/rev/88e1151e8e02
2015-03-12Fixed #24468 -- Made signed cookies cache backend resilient to unpickling ↵Tim Graham
exceptions.
2015-02-11Moved contrib.sessions tests out of contrib.Tim Graham