orbit-oss/flask
4
4
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

document caveats on SESSION_COOKIE_DOMAIN

Browse source 
Changing this value might result in browsers with several competing session cookies. In
that situation there is no guarantee of which one will be sent first, and be used as the
session cookie.
This commit is contained in:
Éloi Rivard 2024-04-15 18:28:25 +02:00 committed by David Lord
parent bea5876e46
commit 4a1766c252
No known key found for this signature in database
GPG key ID: 7A1C87E3F5BC42A8
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
docs/config.rst
View file

@ -142,6 +142,12 @@ The following configuration values are used internally by Flask:
Default: ``None``
.. warning::
If this is changed after the browser created a cookie is created with
one setting, it may result in another being created. Browsers may send
send both in an undefined order. In that case, you may want to change
:data:`SESSION_COOKIE_NAME` as well or otherwise invalidate old sessions.
.. versionchanged:: 2.3
Not set by default, does not fall back to ``SERVER_NAME``.