Am 05.05.2010 um 21:45 schrieb George Sakkis:
I'm repeating myself here but if the intention is to really disallow user-provided ids. it can be done more clearly: raise an exception if the key does not exist and make the session_key property read-only. Now it seems like a bug that you can sort of work around by setting the key just before saving.
Depending on the backend it might be difficult to determine what exactly constitutes a non-existing key. A visitor could for example have a stale session cookie in their browser that has already been evicted from your storage. In such cases the user would be presented with an exception - not very friendly.
Ulrich -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-develop...@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
