Corrected an issue which could allow attackers to manipulate session data using the cache. A security announcement will be made shortly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16759 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
893cea211a
commit
33076af6f2
|
@ -1,6 +1,8 @@
|
||||||
from django.contrib.sessions.backends.base import SessionBase, CreateError
|
from django.contrib.sessions.backends.base import SessionBase, CreateError
|
||||||
from django.core.cache import cache
|
from django.core.cache import cache
|
||||||
|
|
||||||
|
KEY_PREFIX = "django.contrib.sessions.cache"
|
||||||
|
|
||||||
class SessionStore(SessionBase):
|
class SessionStore(SessionBase):
|
||||||
"""
|
"""
|
||||||
A cache-based session store.
|
A cache-based session store.
|
||||||
|
@ -10,7 +12,7 @@ class SessionStore(SessionBase):
|
||||||
super(SessionStore, self).__init__(session_key)
|
super(SessionStore, self).__init__(session_key)
|
||||||
|
|
||||||
def load(self):
|
def load(self):
|
||||||
session_data = self._cache.get(self.session_key)
|
session_data = self._cache.get(KEY_PREFIX + self.session_key)
|
||||||
if session_data is not None:
|
if session_data is not None:
|
||||||
return session_data
|
return session_data
|
||||||
self.create()
|
self.create()
|
||||||
|
@ -37,18 +39,18 @@ class SessionStore(SessionBase):
|
||||||
func = self._cache.add
|
func = self._cache.add
|
||||||
else:
|
else:
|
||||||
func = self._cache.set
|
func = self._cache.set
|
||||||
result = func(self.session_key, self._get_session(no_load=must_create),
|
result = func(KEY_PREFIX + self.session_key, self._get_session(no_load=must_create),
|
||||||
self.get_expiry_age())
|
self.get_expiry_age())
|
||||||
if must_create and not result:
|
if must_create and not result:
|
||||||
raise CreateError
|
raise CreateError
|
||||||
|
|
||||||
def exists(self, session_key):
|
def exists(self, session_key):
|
||||||
return session_key in self._cache
|
return (KEY_PREFIX + session_key) in self._cache
|
||||||
|
|
||||||
def delete(self, session_key=None):
|
def delete(self, session_key=None):
|
||||||
if session_key is None:
|
if session_key is None:
|
||||||
if self._session_key is None:
|
if self._session_key is None:
|
||||||
return
|
return
|
||||||
session_key = self._session_key
|
session_key = self._session_key
|
||||||
self._cache.delete(session_key)
|
self._cache.delete(KEY_PREFIX + session_key)
|
||||||
|
|
||||||
|
|
|
@ -6,6 +6,8 @@ from django.conf import settings
|
||||||
from django.contrib.sessions.backends.db import SessionStore as DBStore
|
from django.contrib.sessions.backends.db import SessionStore as DBStore
|
||||||
from django.core.cache import cache
|
from django.core.cache import cache
|
||||||
|
|
||||||
|
KEY_PREFIX = "django.contrib.sessions.cached_db"
|
||||||
|
|
||||||
class SessionStore(DBStore):
|
class SessionStore(DBStore):
|
||||||
"""
|
"""
|
||||||
Implements cached, database backed sessions.
|
Implements cached, database backed sessions.
|
||||||
|
@ -15,10 +17,11 @@ class SessionStore(DBStore):
|
||||||
super(SessionStore, self).__init__(session_key)
|
super(SessionStore, self).__init__(session_key)
|
||||||
|
|
||||||
def load(self):
|
def load(self):
|
||||||
data = cache.get(self.session_key, None)
|
data = cache.get(KEY_PREFIX + self.session_key, None)
|
||||||
if data is None:
|
if data is None:
|
||||||
data = super(SessionStore, self).load()
|
data = super(SessionStore, self).load()
|
||||||
cache.set(self.session_key, data, settings.SESSION_COOKIE_AGE)
|
cache.set(KEY_PREFIX + self.session_key, data,
|
||||||
|
settings.SESSION_COOKIE_AGE)
|
||||||
return data
|
return data
|
||||||
|
|
||||||
def exists(self, session_key):
|
def exists(self, session_key):
|
||||||
|
@ -26,11 +29,12 @@ class SessionStore(DBStore):
|
||||||
|
|
||||||
def save(self, must_create=False):
|
def save(self, must_create=False):
|
||||||
super(SessionStore, self).save(must_create)
|
super(SessionStore, self).save(must_create)
|
||||||
cache.set(self.session_key, self._session, settings.SESSION_COOKIE_AGE)
|
cache.set(KEY_PREFIX + self.session_key, self._session,
|
||||||
|
settings.SESSION_COOKIE_AGE)
|
||||||
|
|
||||||
def delete(self, session_key=None):
|
def delete(self, session_key=None):
|
||||||
super(SessionStore, self).delete(session_key)
|
super(SessionStore, self).delete(session_key)
|
||||||
cache.delete(session_key or self.session_key)
|
cache.delete(KEY_PREFIX + (session_key or self.session_key))
|
||||||
|
|
||||||
def flush(self):
|
def flush(self):
|
||||||
"""
|
"""
|
||||||
|
@ -39,4 +43,4 @@ class SessionStore(DBStore):
|
||||||
"""
|
"""
|
||||||
self.clear()
|
self.clear()
|
||||||
self.delete(self.session_key)
|
self.delete(self.session_key)
|
||||||
self.create()
|
self.create()
|
||||||
|
|
Loading…
Reference in New Issue