id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
34073	Refactor session middleware to allow easier overrides	Michael Gisi	nobody	"I've recently needed to manipulate the session cookie domain per-request. In order to do so, I needed to create a new middleware class inheriting from `SessionMiddleware`, overriding the `process_response` method.

Because the middleware logic reads the domain directly from settings, the result is a largely copy-pasted method just to change the domain being set on the cookie. This override is also liable to break if the middleware or settings change in future Django releases.

In contrast, `SecurityMiddleware` was much easier to override, since any settings are loaded as instance attributes in `__init__`.

The proposed solution would consist of loading settings in the session middleware `__init__` e.g. `self.cookie_domain = settings.SESSION_COOKIE_DOMAIN`.

Happy to submit a PR if this seems reasonable."	Cleanup/optimization	closed	contrib.sessions	4.1	Normal	wontfix	middleware	Adam Johnson	Unreviewed	0	0	0	0	0	0