Re: Why self-defined session_key got changed when save in DB?

On Sat, Jun 4, 2011 at 3:27 AM, Jimmy <jimmy.don.know@gmail.com> wrote:
> I'm new to Django and not quite understand your explanation.
>
> How can I create a specific session_key, and access to the session by
> that key? Any risk that I have if I expose the session_key to the
> outside?
>
> Thank you.
>
> Best regards,
> Li Jiaming

You cannot, because doing so is dangerous and counter intuitive. Read
up on 'session fixation attacks', or my previous reply.

Cheers

Tom

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.