Re: how to use HTTPS with django

On 7-7-2012 5:05, Timothy Makobu wrote:
> For secure logins, this helps
> https://docs.djangoproject.com/en/dev/topics/http/sessions/?from=olddocs/#session-cookie-secure
>

No it doesn't. That is for secure /sessions/, which means that if you
use this during the login process then the session is created on the
HTTPS connection and only /valid/ on the HTTPS connection. In other
words, if you set this flag the scenario of having an unencrypted site
with an encrypted login procedure is impossible.

--
Melvyn Sopacua


--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.