session modification question

2014-01-18 Thread Spork Spork
Hi, I have a question about what gets persisted when session data gets updated. I've read the sessions chapter of the book, and it's not entirely clear to me. Say I have two keys in the session object that I'm manipulating in a view: view1: request.session['foo'] = 'foocontent' view1: request.

setting csrftoken to httponly and building ajax forms: not going to happen?

2013-10-26 Thread Spork Spork
Hi, I'm using Django 1.4.1b, and for security purposes would like to make the csrftoken cookie httponly, and therefore inaccessible from JavaScript. Since this support is not available in my version of Django, I planned to follow this implementation approach: http://stackoverflow.com/question