Ticket #3304: django.diff

File django.diff, 2.3 KB (added by arvin, 9 years ago)

Patch for django

  • django/http/__init__.py

     
    196196                return True
    197197        return False
    198198
    199     def set_cookie(self, key, value='', max_age=None, expires=None, path='/', domain=None, secure=None):
     199    def set_cookie(self, key, value='', max_age=None, expires=None, path='/', domain=None, secure=None, httponly=None):
    200200        self.cookies[key] = value
    201         for var in ('max_age', 'path', 'domain', 'secure', 'expires'):
     201        for var in ('max_age', 'path', 'domain', 'secure', 'expires', 'httponly'):
    202202            val = locals()[var]
    203203            if val is not None:
    204204                self.cookies[key][var.replace('_', '-')] = val
  • django/conf/global_settings.py

     
    257257SESSION_COOKIE_AGE = 60 * 60 * 24 * 7 * 2 # Age of cookie, in seconds (default: 2 weeks).
    258258SESSION_COOKIE_DOMAIN = None              # A string like ".lawrence.com", or None for standard domain cookie.
    259259SESSION_COOKIE_SECURE = False             # Whether the session cookie should be secure (https:// only).
     260SESSION_COOKIE_HTTPONLY = False           # Whether the session cookie should be httponly.
    260261SESSION_SAVE_EVERY_REQUEST = False        # Whether to save the session data on every request.
    261262SESSION_EXPIRE_AT_BROWSER_CLOSE = False   # Whether sessions expire when a user closes his browser.
    262263
  • django/contrib/sessions/middleware.py

     
    8989                    datetime.datetime.now() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE))
    9090                response.set_cookie(settings.SESSION_COOKIE_NAME, session_key,
    9191                    max_age=max_age, expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
    92                     secure=settings.SESSION_COOKIE_SECURE or None)
     92                    secure=settings.SESSION_COOKIE_SECURE or None,
     93                    httponly=settings.SESSION_COOKIE_HTTPONLY or None)
    9394        return response
Back to Top