#16987 closed Bug (fixed)
Improve failure message for test_invalid_session_key
| Reported by: | Owned by: | jMyles | |
|---|---|---|---|
| Component: | contrib.sessions | Version: | 1.3 |
| Severity: | Normal | Keywords: | tests, sessions |
| Cc: | Triage Stage: | Accepted | |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
contrib.sessions.tests.SessionTestsMixin.test_invalid_key raises AttributeError if middleware has written an item to the cache which uses an integer for the key.
Ticket author found that djangobb (a packaged django forum app which ticket author has no affiliation) uses this technique.
Conventional session cache keys, for security as well as readability, need to use namespaces.
Attachments (1)
Change History (3)
by , 13 years ago
| Attachment: | better_invalid_session_key_testfail added |
|---|
comment:1 by , 13 years ago
| Triage Stage: | Unreviewed → Accepted |
|---|
Note:
See TracTickets
for help on using tickets.
Patch developed at DiscSpace - this patch would have saved half a day's work.