gae-sessions v1.05 adds new SSL-only option
5 views
Skip to first unread message
David Underhill
Oct 2, 2010, 2:26:01 PM10/2/10
to gae-sessions
gae-sessions v1.05 adds a new option which instructs the client to
only send session cookies over a secure channel. Upgrading from v1.04
is recommended if you need this new option; otherwise, there is no
rush to upgrade.
This is useful if you *only* want session information (including the
session ID) to be sent from the client when the client accesses the
server over SSL (i.e., when accessing URLs prefixed with "https"). To
use this for a particular session, manually start the session by
calling start(ssl_only=True). An existing session cannot be converted
to or from an SSL-only session. Use this option with care - remember
that if this option is used, a user's browser will not send any
session cookies when requesting non-https URLs.
The latest release is always available here:
http://github.com/dound/gae-sessions
~ David
only send session cookies over a secure channel. Upgrading from v1.04
is recommended if you need this new option; otherwise, there is no
rush to upgrade.
This is useful if you *only* want session information (including the
session ID) to be sent from the client when the client accesses the
server over SSL (i.e., when accessing URLs prefixed with "https"). To
use this for a particular session, manually start the session by
calling start(ssl_only=True). An existing session cannot be converted
to or from an SSL-only session. Use this option with care - remember
that if this option is used, a user's browser will not send any
session cookies when requesting non-https URLs.
The latest release is always available here:
http://github.com/dound/gae-sessions
~ David
Reply all
Reply to author
Forward
0 new messages