mirror of https://github.com/django/django.git
Fixed #29471 -- Added 'Vary: Cookie' to invalid/empty session cookie responses.
This commit is contained in:
parent
d64808cacd
commit
dc740dde50
1
AUTHORS
1
AUTHORS
|
@ -45,6 +45,7 @@ answer newbie questions, and generally made Django that much better:
|
|||
Alex Ogier <alex.ogier@gmail.com>
|
||||
Alex Robbins <alexander.j.robbins@gmail.com>
|
||||
Alexey Boriskin <alex@boriskin.me>
|
||||
Alexey Tsivunin <most-208@yandex.ru>
|
||||
Aljosa Mohorovic <aljosa.mohorovic@gmail.com>
|
||||
Amit Chakradeo <https://amit.chakradeo.net/>
|
||||
Amit Ramon <amit.ramon@gmail.com>
|
||||
|
|
|
@ -40,6 +40,7 @@ class SessionMiddleware(MiddlewareMixin):
|
|||
path=settings.SESSION_COOKIE_PATH,
|
||||
domain=settings.SESSION_COOKIE_DOMAIN,
|
||||
)
|
||||
patch_vary_headers(response, ('Cookie',))
|
||||
else:
|
||||
if accessed:
|
||||
patch_vary_headers(response, ('Cookie',))
|
||||
|
|
|
@ -748,6 +748,9 @@ class SessionMiddlewareTests(TestCase):
|
|||
),
|
||||
str(response.cookies[settings.SESSION_COOKIE_NAME])
|
||||
)
|
||||
# SessionMiddleware sets 'Vary: Cookie' to prevent the 'Set-Cookie'
|
||||
# from being cached.
|
||||
self.assertEqual(response['Vary'], 'Cookie')
|
||||
|
||||
@override_settings(SESSION_COOKIE_DOMAIN='.example.local', SESSION_COOKIE_PATH='/example/')
|
||||
def test_session_delete_on_end_with_custom_domain_and_path(self):
|
||||
|
|
Loading…
Reference in New Issue