Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#14685 closed (fixed)

contrib.sessions.models has incompatible or extraneous code

Reported by: Paul McMillan Owned by: nobody
Component: contrib.sessions Version: 1.2
Severity: Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:


`contrib.sessions.models` has a couple methods that seem outdated and extraneous.

The specific problem methods are SessionManager.encode() and Session.get_decoded(). They definitely duplicate functionality (at a copy-paste level) now found elsewhere. I think these may be vestigal, but I haven't fully investigated. Someone more familiar with the sessions framework might want to take a look.

If these are still in use somewhere, they need to be updated to match their new, higher security analogs in contrib.sessions.backends.base.

Change History (3)

comment:1 Changed 7 years ago by Luke Plant

The code appears to support the API for using sessions outside of views - which is documented but completely untested. It's possible that no-one . I'll commit a fix shortly.

Thanks for the catch.

comment:2 Changed 7 years ago by Luke Plant

Resolution: fixed
Status: newclosed

(In [14562]) Fixed #14685 - incompatible code in contrib.sessions.models

Thanks to PaulM for the report.

comment:3 Changed 7 years ago by Jacob

milestone: 1.3

Milestone 1.3 deleted

Note: See TracTickets for help on using tickets.
Back to Top