- November 7, 2007
- middleware cookie session authentication string query cookieless querystring
- 1 (after 1 ratings)
The Session documentation rightly warns of the dangers of putting a session ID into a query string. Sometimes, however, you have to do it - perhaps your client has mandated support for browsers with cookies disabled, or perhaps (as in my case) you're just dealing with a slightly broken client browser.
This middleware pulls a session ID out of the query string an inserts it into the cookies collection. You'll need to include it in your MIDDLEWARE_CLASSES tuple in settings.py, before the SessionMiddleware.
Please read my full blog post about for the dangers of doing this, and for full instructions and examples.
1 2 3 4 5 6 7 8 9
from django.conf import settings class FakeSessionCookieMiddleware(object): def process_request(self, request): if not request.COOKIES.has_key(settings.SESSION_COOKIE_NAME) \ and request.GET.has_key(settings.SESSION_COOKIE_NAME): request.COOKIES[settings.SESSION_COOKIE_NAME] = \ request.GET[settings.SESSION_COOKIE_NAME]