[Twisted-Python] twisted.web secured session cookies and multiple sites on same host
Adi Roiban
adi at roiban.ro
Sun Jan 26 03:13:55 MST 2014
Hi,
I am looking for the followings:
* Force twisted.web to set session cookie as secured when HTTPS is used.
* Allow 2 separate twisted.web Sites to run on same host/IP but with
different sessions.
I have checked the current code for getSession() [1] but i can see that
session cookie is harcoded and I don't know how to use self.sitepath .
I tried to search the code for sitepath, but I only got this comment, which
I things is used to suppport some some sort of load balancing / high
availability.
# Sitepath is used to determine cookie names between distributed
# servers and disconnected sites.
Can this be done with current code?
If not, I am happy to submit a ticket and a patch.
To solve my problems I rewrote getSession to not use harcoded session name
and to check for self.isSecure before setting a new session cookie.
Many thanks!
[1] https://github.com/twisted/twisted/blob/trunk/twisted/web/server.py#L384
--
Adi Roiban
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://twistedmatrix.com/pipermail/twisted-python/attachments/20140126/e433fe8c/attachment.html>
More information about the Twisted-Python
mailing list