

Commit fbe2eea

committed
[1.3.X] Corrected an issue which could allow attackers to manipulate session data using the cache. A security announcement will be made shortly.
Backport of r16759 from trunk. git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16762 bcc190cf-cafb-0310-a4f2-bffc1f526a37
1 parent 2f7fadc commit fbe2eea


2 files changed

+15
-9
lines changed


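--- a/django/contrib/sessions/backends/cache.py
+++ b/django/contrib/sessions/backends/cache.py
@@ -1,6 +1,8 @@
 from django.contrib.sessions.backends.base import SessionBase, CreateError
 from django.core.cache import cache
 
+KEY_PREFIX = "django.contrib.sessions.cache"
+
 class SessionStore(SessionBase):
     """
     A cache-based session store.
@@ -10,7 +12,7 @@ def __init__(self, session_key=None):
         super(SessionStore, self).__init__(session_key)
 
     def load(self):
-        session_data = self._cache.get(self.session_key)
+        session_data = self._cache.get(KEY_PREFIX + self.session_key)
         if session_data is not None:
             return session_data
         self.create()
@@ -37,13 +39,13 @@ def save(self, must_create=False):
             func = self._cache.add
         else:
             func = self._cache.set
-        result = func(self.session_key, self._get_session(no_load=must_create),
+        result = func(KEY_PREFIX + self.session_key, self._get_session(no_load=must_create),
                       self.get_expiry_age())
         if must_create and not result:
             raise CreateError
 
     def exists(self, session_key):
-        if self._cache.has_key(session_key):
+        if self._cache.has_key(KEY_PREFIX + session_key):
             return True
         return False
 
@@ -52,5 +54,5 @@ def delete(self, session_key=None):
         if self._session_key is None:
             return
         session_key = self._session_key
-        self._cache.delete(session_key)
+        self._cache.delete(KEY_PREFIX + session_key)
 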
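Review bot: `load()` (new line 15) still builds the cache key directly from the cookie-supplied `self.session_key`; the prefix stops that value from aliasing arbitrary cache entries, but unless `SessionBase` rejects malformed keys (not visible in this hunk) an over-long or non-alphanumeric cookie value still reaches the backend verbatim and can, for example, exceed memcached's key-length limit and raise inside the request. The reason for the prefix is also not recorded anywhere in the file; a one-line comment on the new constant would stop a later refactor from dropping it, e.g. `# Namespace session keys so a cookie value cannot address other objects in the shared cache.` Minor style point: the rewritten `exists()` can collapse to `return self._cache.has_key(KEY_PREFIX + session_key)`. The `__init__`, `save` and `delete` bodies start or end outside the visible hunks.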

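--- a/django/contrib/sessions/backends/cached_db.py
+++ b/django/contrib/sessions/backends/cached_db.py
@@ -6,6 +6,8 @@
 from django.contrib.sessions.backends.db import SessionStore as DBStore
 from django.core.cache import cache
 
+KEY_PREFIX = "django.contrib.sessions.cached_db"
+
 class SessionStore(DBStore):
     """
     Implements cached, database backed sessions.
@@ -15,22 +17,24 @@ def __init__(self, session_key=None):
         super(SessionStore, self).__init__(session_key)
 
     def load(self):
-        data = cache.get(self.session_key, None)
+        data = cache.get(KEY_PREFIX + self.session_key, None)
         if data is None:
             data = super(SessionStore, self).load()
-            cache.set(self.session_key, data, settings.SESSION_COOKIE_AGE)
+            cache.set(KEY_PREFIX + self.session_key, data,
+                      settings.SESSION_COOKIE_AGE)
         return data
 
     def exists(self, session_key):
         return super(SessionStore, self).exists(session_key)
 
     def save(self, must_create=False):
         super(SessionStore, self).save(must_create)
-        cache.set(self.session_key, self._session, settings.SESSION_COOKIE_AGE)
+        cache.set(KEY_PREFIX + self.session_key, self._session,
+                  settings.SESSION_COOKIE_AGE)
 
     def delete(self, session_key=None):
         super(SessionStore, self).delete(session_key)
-        cache.delete(session_key or self.session_key)
+        cache.delete(KEY_PREFIX + (session_key or self.session_key))
 
     def flush(self):
         """
@@ -39,4 +43,4 @@ def flush(self):
         """
         self.clear()
         self.delete(self.session_key)
-        self.create()
+        self.create()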
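Review bot: `delete()` (new line 37) now evaluates `KEY_PREFIX + (session_key or self.session_key)`, which raises `TypeError` when both operands fall back to `None`, where the old code merely passed `None` through to the cache; `flush()` calls `self.delete(self.session_key)`, so this path is reachable if `self.session_key` can be unset on a fresh store (I cannot confirm that from this hunk). The sibling `cache.py` backend guards exactly this case with `if self._session_key is None: return`, and the same shape fits here: `key = session_key or self.session_key` / `if key is not None:` / `    cache.delete(KEY_PREFIX + key)`. Also note the two backends deliberately use different prefixes, so switching `SESSION_ENGINE` will not let one backend read the other's cached entries; a short comment on `KEY_PREFIX` saying so would save the next reader from "harmonising" them. The `__init__` body starts outside the visible hunks.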
