Changes between Initial Version and Version 7 of Ticket #12909
- Timestamp:
- Apr 16, 2011, 12:42:28 AM (13 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #12909
- Property Component django.contrib.sessions → Core framework
- Property Milestone 1.2
- Property Triage Stage Unreviewed → Accepted
- Property Summary Session Middleware ignores DEBUG setting - Potential Security Issue → Exceptions raised in response middleware don't invoke site 500/404 handlers.
- Property Cc added
- Property Has patch set
- Property Type → Bug
- Property Severity → Normal
- Property Needs tests set
-
Ticket #12909 – Description
initial v7 1 2 1 If there is an error connecting to the session database, the session middleware throws an Exception that's visible regardless of the DEBUG setting. The stack trace appears in a blank page (non-conforming to the standard debug template). To reproduce this ticket, drop the django_session table and try to login to any django application. The expected behavior is not to show a stack trace when DEBUG=False 3 2