Ticket #11729: session_key_entropy.patch

File session_key_entropy.patch, 645 bytes (added by rfk, 6 years ago)
  • django/contrib/sessions/backends/base.py

    diff --git a/django/contrib/sessions/backends/base.py b/django/contrib/sessions/backends/base.py
    index b4cdead..6428705 100644
    a b class SessionBase(object): 
    138138            # No getpid() in Jython, for example
    139139            pid = 1
    140140        while 1:
    141             session_key = md5_constructor("%s%s%s%s"
     141            session_key = md5_constructor("%s%s%.20f%s"
    142142                    % (randrange(0, MAX_SESSION_KEY), pid, time.time(),
    143143                       settings.SECRET_KEY)).hexdigest()
    144144            if not self.exists(session_key):
Back to Top