forked from orbit-oss/flask
Updated documentation for the new sessions
This commit is contained in:
Armin Ronacher
parent
e1a576122b
commit
261c4a6aee
2 changed files with 9 additions and 5 deletions
|
|
@ -29,9 +29,14 @@ format changed from pickle to a specialized JSON format. This change has
|
|||
been done in order to avoid the damage an attacker can do if the secret
|
||||
key is leaked. When you upgrade you will notice two major changes: all
|
||||
sessions that were issued before the upgrade are invalidated and you can
|
||||
only store a limited amount of types in the session.
|
||||
only store a limited amount of types in the session. The new sessions are
|
||||
by design much more restricted to only allow JSON with a few small
|
||||
extensions for tuples and strings with HTML markup.
|
||||
|
||||
TODO: add external module for session upgrading
|
||||
In order to not break people's sessions it is possible to continue using
|
||||
the old session system by using the `Flask-OldSessions_` extension.
|
||||
|
||||
.. _Flask-OldSessions: http://packages.python.org/Flask-OldSessions/
|
||||
|
||||
Version 0.9
|
||||
-----------
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue