quetz-mod_python-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Dumpleton <grah...@dscpl.com.au>
Subject Re: cookies generation by session, patch
Date Tue, 21 Mar 2006 10:04:22 GMT
Now can you explain why one would want to do this?

Unless you provide some justification of why it is necessary it is  
less likely
to be accepted as although the reasons may be obvious to you, it may not
be to us. There also may be better ways of achieving the same end.

Also, describe why this would be better than simply deleting the cookie
that is being created from the outgoing headers.

   del req.headers_out["Set-Cookie"]

Graham

On 21/03/2006, at 7:39 PM, Stanislav Ershov wrote:

> Hi,
> I wrote a simple patch for 'Session.py'. Patch adds possibility to  
> disable cookies generation by session. And it's optional.
>
> By default cookies generation enabled.
> Add Apache directive 'Python Option sessin_cookie_generation 0' for  
> disabling.
>
> --- mod_python-3.2.8.orig/lib/python/mod_python/Session.py	Mon Feb  
> 20 00:51:18 2006
> +++ mod_python-3.2.8/lib/python/mod_python/Session.py	Tue Mar 21  
> 09:50:46 2006
> @@ -138,17 +138,19 @@
>          dict.__init__(self)
>
>          session_cookie_name = req.get_options().get 
> ("session_cookie_name",COOKIE_NAME)
> +        session_cookie_generation = int(req.get_options().get 
> ("session_cookie_generation",1))
>
>          if not self._sid:
> -            # check to see if cookie exists
> -            if secret:
> -                cookies = Cookie.get_cookies(req,  
> Class=Cookie.SignedCookie,
> -                                             secret=self._secret)
> -            else:
> -                cookies = Cookie.get_cookies(req)
> +            if session_cookie_generation:
> +                # check to see if cookie exists
> +                if secret:
> +                    cookies = Cookie.get_cookies(req,  
> Class=Cookie.SignedCookie,
> +                                                 secret=self._secret)
> +            	else:
> +                    cookies = Cookie.get_cookies(req)
>
> -            if cookies.has_key(session_cookie_name):
> -                self._sid = cookies[session_cookie_name].value
> +                if cookies.has_key(session_cookie_name):
> +                    self._sid = cookies[session_cookie_name].value
>
>          if self._sid:
>              # Validate the sid *before* locking the session
> @@ -171,7 +173,8 @@
>              if self._sid: self.unlock() # unlock old sid
>              self._sid = _new_sid(self._req)
>              self.lock()                 # lock new sid
> -            Cookie.add_cookie(self._req, self.make_cookie())
> +            if session_cookie_generation:
> +                Cookie.add_cookie(self._req, self.make_cookie())
>              self._created = time.time()
>              if timeout:
>                  self._timeout = timeout


Mime
View raw message