Hello,
Why is it that the session id changes after a redirect is initiated from a view function? This is basically the scenario, after the browser makes a POST request to a custom login() view function, the view function authenticates the user and redirects (302) the user back to a page, but the redirect response from the server is instructing the browser to change the session id. Is this the expected behavior? Please see the HTTP Response/Redirect below..
http://127.0.0.1:8000/guest/login/
POST /guest/login/ HTTP/1.1
Host: 127.0.0.1:8000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://127.0.0.1:8000/
Cookie: csrftoken=waqBLcwTQXnnZHzSdpDkgyFh3IqcVMzY; sessionid=e658157220dfca598cb1ab271a28970f; __utma=96992031.449557637.1341146315.1341146315.1341146315.1; __utmb=96992031.2.10.1341146315; __utmc=96992031; __utmz=96992031.1341146315.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); djdt=hide
Content-Type: application/x-www-form-urlencoded
Content-Length: 94
csrfmiddlewaretoken=waqBLcwTQXnnZHzSdpDkgyFh3IqcVMzY&username=X&password=X&x=38&y=6
HTTP/1.0 302 FOUND
Date: Sun, 01 Jul 2012 12:39:23 GMT
Server: WSGIServer/0.1 Python/2.7.1
Vary: Accept-Language, Cookie
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Location: http://127.0.0.1:8000/
Content-Language: en-us
Set-Cookie: sessionid=e6a5292ff37521bc223840a3b5da8acb; expires=Sun, 15-Jul-2012 12:39:23 GMT; httponly; Max-Age=1209600; Path=/
Thanks,
-Moe
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
No comments:
Post a Comment