Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use the default json session serializer.

Browse Source 
This will force a logout as sessions fail to load but this should be a
more performant and secure serializer moving forward.  The reason we
overwrote it in our config is that it previously used to be the default
and we didn't want things to breake and force logouts when we changed
it.  We're no more okay with people getting logged out.
This commit is contained in:
Feanil Patel
2019-10-17 16:12:44 -04:00
parent 77eb01ff42
commit 1e97de9105
2 changed files with 0 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cms/envs/common.py
View File

@@ -829,7 +829,6 @@ COURSES_WITH_UNSAFE_CODE = []
DEBUG = False
SESSION_COOKIE_SECURE = False
SESSION_SAVE_EVERY_REQUEST = False
SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'
SESSION_COOKIE_DOMAIN = ""
SESSION_COOKIE_NAME = 'sessionid'

1
lms/envs/common.py
View File

@@ -1101,7 +1101,6 @@ DEBUG = False
USE_TZ = True
SESSION_COOKIE_SECURE = False
SESSION_SAVE_EVERY_REQUEST = False
SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'
SESSION_COOKIE_DOMAIN = ""
SESSION_COOKIE_NAME = 'sessionid'