[mod_python] Secure Sessions patch

Daniel Adler dadler at uni-goettingen.de
Sun Dec 17 21:33:28 EST 2006


Hi,

I saw there was a discussion on this topic already:
http://www.modpython.org/pipermail/mod_python/2006-May/021260.html
and came up with the same wish -
I want to force a session cookie to be explicitly created for https.

I have added a "secure" parameter to the session class constructors.
If it is set AND req.is_https(), the cookie will be created wiht "secure" set.

A diff of session.py in release 3.2.10 with this feature is available on
http://neoscientists.org/~plex/mod_python_3_2_10_session_with_secure_cookie.diff

Regards,
- Daniel Adler



More information about the Mod_python mailing list