#15891: flushing session on auth.logout
--------------------------------------+------------------------------
Reporter: sorl | Owner: nobody
Type: Bug | Status: new
Milestone: | Component: contrib.auth
Version: 1.3 | Severity: Normal
Resolution: | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
--------------------------------------+------------------------------
Comment (by anonymous):
Replying to [comment:2 sorl]:
> @Mathieu Agopian
> I can't make any sence from that use case, session data is not a global
object and does not leak unless you hijack the other users session id.
Yes it does leak, think of computers where more than one user uses the
same browsersession (Those still exists, especially @home if the users
share the same username etc…)
--
Ticket URL: <http://code.djangoproject.com/ticket/15891#comment:3>
Django <http://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com.
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
