Opened 5 years ago

Closed 5 years ago

Last modified 4 years ago

#14685 closed (fixed)

contrib.sessions.models has incompatible or extraneous code

Reported by: PaulM Owned by: nobody
Component: contrib.sessions Version: 1.2
Severity: Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

`contrib.sessions.models` has a couple methods that seem outdated and extraneous.

The specific problem methods are SessionManager.encode() and Session.get_decoded(). They definitely duplicate functionality (at a copy-paste level) now found elsewhere. I think these may be vestigal, but I haven't fully investigated. Someone more familiar with the sessions framework might want to take a look.

If these are still in use somewhere, they need to be updated to match their new, higher security analogs in contrib.sessions.backends.base.

Change History (3)

comment:1 Changed 5 years ago by lukeplant

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset

The code appears to support the API for using sessions outside of views - which is documented but completely untested. It's possible that no-one . I'll commit a fix shortly.

Thanks for the catch.

comment:2 Changed 5 years ago by lukeplant

  • Resolution set to fixed
  • Status changed from new to closed

(In [14562]) Fixed #14685 - incompatible code in contrib.sessions.models

Thanks to PaulM for the report.

comment:3 Changed 4 years ago by jacob

  • milestone 1.3 deleted

Milestone 1.3 deleted

Note: See TracTickets for help on using tickets.
Back to Top