angler-fishThe Vulnerability History Project

Fixed #3586 -- Only output "Vary: Cookie" HTTP header when the session object

      is accessed. Leads to better caching performance. Thanks, Owen Griffiths.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@4680 bcc190cf-cafb-0310-a4f2-bffc1f526a37
by Don the Electric Eel 2007-03-08 08:46:59 UTC
commit c651b08f3981cb9c1e4631563675730a3577e0a9
Django VCC Attack is in Session CVE-2015-5964
AUTHORS
-1
django/contrib/sessions/middleware.py
+1 -5
expand_less