##// END OF EJS Templates
issue-trackers: fix XSS with description field.
issue-trackers: fix XSS with description field.

File last commit:

r4484:7bc1ace5 default
r4487:779812b2 default
Show More
patch-beaker-improved-redis-2.diff
17 lines | 1.1 KiB | text/x-diff | DiffLexer
/ pkgs / patches / beaker / patch-beaker-improved-redis-2.diff
diff -rup Beaker-1.9.1-orig/beaker/session.py Beaker-1.9.1/beaker/session.py
--- Beaker-1.9.1-orig/beaker/session.py 2020-04-10 10:23:04.000000000 +0200
+++ Beaker-1.9.1/beaker/session.py 2020-04-10 10:23:34.000000000 +0200
@@ -156,6 +156,14 @@ def __init__(self, request, id=None, invalidate_corrupt=False,
if timeout and not save_accessed_time:
raise BeakerException("timeout requires save_accessed_time")
self.timeout = timeout
+ # We want to pass timeout param to redis backend to support expiration of keys
+ # In future, I believe, we can use this param for memcached and mongo as well
+ if self.timeout is not None and self.type == 'ext:redis':
+ # The backend expiration should always be a bit longer (I decied to use 2 minutes) than the
+ # session expiration itself to prevent the case where the backend data expires while
+ # the session is being read (PR#153)
+ self.namespace_args['timeout'] = self.timeout + 60 * 2
+
self.save_atime = save_accessed_time
self.use_cookies = use_cookies
self.cookie_expires = cookie_expires