I uploaded a new patch, with implementation to Python 2.3-2.5 (based
on cephelo patch) and 2.6. I tested it with 2.5 and all is ok.
--
Rodolfo
On 6/12/09, Michael Radziej wrote:
>
> On Wed, Jun 10, Alex Gaynor wrote:
>
>> No, as I've stated Django *never* degrades functionality due to Python
>>
On Wed, Jun 10, Alex Gaynor wrote:
> No, as I've stated Django *never* degrades functionality due to Python
> version.
> This would be a massive aberration from that policy. This is
> clearly stated in the documentation for users:
> http://docs.djangoproject.com/en/dev/faq/install/#do-i-lose-a
On Wed, Jun 10, 2009 at 3:13 PM, Rodolfo Stangherlin wrote:
>
> If useful, is possible put warning about it in python 2.3-2.5. On
> command line (manage.py runserver), it's show a message in screen.
> With apache, in a error_log:
>
> import warnings
> warnings.warn('httponly is supported in python
If useful, is possible put warning about it in python 2.3-2.5. On
command line (manage.py runserver), it's show a message in screen.
With apache, in a error_log:
import warnings
warnings.warn('httponly is supported in python > 2.6')
If is a good idea, i submit a new patch.
Rodolfo
On 6/9/09,
On Tue, Jun 09, Alex Gaynor wrote:
> A patch that only works on Python 2.6 will, unequivocally, not be accepted.
> Django maintains identaical levels of functionality from Python 2.3 to 2.6.
Nah, the patch works with 2.3 to 2.6. But the "http-only" flag will be set
only with python2.6 since the
On Tue, Jun 9, 2009 at 10:52 AM, Michael Radziej wrote:
>
> On Tue, Jun 09, Russell Keith-Magee wrote:
>
> >
> > On Tue, Jun 9, 2009 at 8:56 PM, Rodolfo wrote:
> > >
> > > About session in Django:
> http://code.djangoproject.com/wiki/DjangoSpecifications/Contrib/Sessions
> > >
> > > Why ticket 33
On Tue, Jun 09, Russell Keith-Magee wrote:
>
> On Tue, Jun 9, 2009 at 8:56 PM, Rodolfo wrote:
> >
> > About session in Django:
> > http://code.djangoproject.com/wiki/DjangoSpecifications/Contrib/Sessions
> >
> > Why ticket 3304 (http://code.djangoproject.com/ticket/3304) is "new"?
> > All propo
Ok, but SimpleCookie in Python 2.6 supports it, then a Python patch is
unnecessary.
On 6/9/09, Russell Keith-Magee wrote:
>
> On Tue, Jun 9, 2009 at 8:56 PM, Rodolfo wrote:
>>
>> About session in Django:
>> http://code.djangoproject.com/wiki/DjangoSpecifications/Contrib/Sessions
>>
>> Why ticke
On Tue, Jun 9, 2009 at 8:56 PM, Rodolfo wrote:
>
> About session in Django:
> http://code.djangoproject.com/wiki/DjangoSpecifications/Contrib/Sessions
>
> Why ticket 3304 (http://code.djangoproject.com/ticket/3304) is "new"?
> All propounded patches are bad? This can protect from session hijack
>
About session in Django:
http://code.djangoproject.com/wiki/DjangoSpecifications/Contrib/Sessions
Why ticket 3304 (http://code.djangoproject.com/ticket/3304) is "new"?
All propounded patches are bad? This can protect from session hijack
(http://en.wikipedia.org/wiki/Session_hijacking) using XSS
10 matches
Mail list logo
