Hi,
I wrote a simple patch for 'Session.py'. Patch adds possibility to
disable cookies generation by session. And it's optional.
By default cookies generation enabled.
Add Apache directive 'Python Option sessin_cookie_generation 0' for
disabling.
--- mod_python-3.2.8.orig/lib/python/mod_python/Session.py Mon Feb 20
00:51:18 2006
+++ mod_python-3.2.8/lib/python/mod_python/Session.py Tue Mar 21
09:50:46 2006
@@ -138,17 +138,19 @@
dict.__init__(self)
session_cookie_name =
req.get_options().get("session_cookie_name",COOKIE_NAME)
+ session_cookie_generation =
int(req.get_options().get("session_cookie_generation",1))
if not self._sid:
- # check to see if cookie exists
- if secret:
- cookies = Cookie.get_cookies(req,
Class=Cookie.SignedCookie,
- secret=self._secret)
- else:
- cookies = Cookie.get_cookies(req)
+ if session_cookie_generation:
+ # check to see if cookie exists
+ if secret:
+ cookies = Cookie.get_cookies(req,
Class=Cookie.SignedCookie,
+ secret=self._secret)
+ else:
+ cookies = Cookie.get_cookies(req)
- if cookies.has_key(session_cookie_name):
- self._sid = cookies[session_cookie_name].value
+ if cookies.has_key(session_cookie_name):
+ self._sid = cookies[session_cookie_name].value
if self._sid:
# Validate the sid *before* locking the session
@@ -171,7 +173,8 @@
if self._sid: self.unlock() # unlock old sid
self._sid = _new_sid(self._req)
self.lock() # lock new sid
- Cookie.add_cookie(self._req, self.make_cookie())
+ if session_cookie_generation:
+ Cookie.add_cookie(self._req, self.make_cookie())
self._created = time.time()
if timeout:
self._timeout = timeout
