#21051 closed Cleanup/optimization (wontfix)

Move cookie settings from standalone values to dictionaries

Reported by: ramiro Owned by: nobody
Component: Core (Other) Version: master
Severity: Normal Keywords: cookie cookis csrf sesssion language
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: yes
Easy pickings: no UI/UX: no

Description

This could help with #15318 and other efforts to expand configurability of existing cookie-related settings.

See https://github.com/django/django/pull/1554 for the patch.

Change History (3)

comment:1 Changed 18 months ago by timo

  • Triage Stage changed from Unreviewed to Accepted

comment:2 Changed 17 months ago by timo

  • Patch needs improvement set

After discussion with Ramiro on IRC, we're not sure if we should move forward with this. Using a dictionary has the problem that default settings from django/conf/global_settings.py would be lost if only overriding part of the SESSION_COOKIE dictionary. I proposed the possibility of adding a shim to the settings setter to merge the two dictionaries, but I'm not sure if this is feasible or worth it.

Marking as "patch needs improvement", but leaving it up to Ramiro as to whether we should move forward or won't fix.

comment:3 Changed 13 months ago by ramiro

  • Resolution set to wontfix
  • Status changed from new to closed

The described limitations seem unlikely fixable with urrent implementation of settings infrastructure. Closing for now.

Note: See TracTickets for help on using tickets.
Back to Top