#29728: CSRF_USE_SESSIONS leads to session save on every request using csrf
------------------------------------------------+------------------------
Reporter: Michal Čihař | Owner: nobody
Type: Cleanup/optimization | Status: new
Component: CSRF | Version: master
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
------------------------------------------------+------------------------
The way CSRF saving in the session is currently implemented leads to
updating session with every request which uses csrf tokens. Having many
CSRF protected forms on the site leads to session update with almost every
request. IMHO this is not really needed and it should update the session
only if needed.
--
Ticket URL: <https://code.djangoproject.com/ticket/29728>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/048.156d66e492fb5709c3c4d6ff413eda6a%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
