Ticket #2523: secure-cookies.diff

File secure-cookies.diff, 1.1 KB (added by mir@…, 9 years ago)

patch

  • django/contrib/sessions/middleware.py

    a b class SessionMiddleware(object): 
    7979        else:
    8080            if modified or settings.SESSION_SAVE_EVERY_REQUEST:
    8181                session_key = request.session.session_key or Session.objects.get_new_session_key()
     82                cookie_secure = settings.SESSION_COOKIE_SECURE or None
    8283                if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE:
    8384                    max_age = None
    8485                    expires = None
    class SessionMiddleware(object): 
    8889                new_session = Session.objects.save(session_key, request.session._session,
    8990                    datetime.datetime.now() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE))
    9091                response.set_cookie(settings.SESSION_COOKIE_NAME, session_key,
    91                     max_age=max_age, expires=expires, domain=settings.SESSION_COOKIE_DOMAIN)
     92                    max_age=max_age, expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
     93                    secure=cookie_secure)
    9294        return response
Back to Top