id,summary,reporter,owner,description,type,status,component,version,severity,resolution,keywords,cc,stage,has_patch,needs_docs,needs_tests,needs_better_patch,easy,ui_ux 4119,Incorrect HTTP-Date format in expire field of HTTP Header,Jari Pennanen,Malcolm Tredinnick,"Currently the Django uses `datetime.strftime` to format it's ''HTTP-Date'', because strftime is localized function it should not be used for it. Changing locales to something else than English will break Django's session system on some browsers at the current state. Using `datetime.ctime` instead makes Django's HTTP-Date format automatically correct and it is not anymore locale dependent. `ctime` function also automatically handles the GMT conversion if needed, that is why the patch also changes the `utcnow` to `now`. It conforms the HTTP Specification clearly as in here [http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.3 HTTP Specs] is stated (the third choice). This fixes only expire field in `django.contrib.session.middleware` but the problem might be elsewhere too (mostly where HTTP-Date is used). Common rule is that `strftime` is not meant for fixed date formats.",,closed,Contrib apps,dev,,fixed,http-date header,,Accepted,1,0,0,0,0,0