Skip to content

Commit

Permalink
Stop using PickleSerializer for sessions
Browse files Browse the repository at this point in the history
The default has been JSONSerializer since after Django 1.6. The oldest
docs I could find was for 1.8:

https://docs.djangoproject.com/en/1.8/topics/http/sessions/#session-serialization

PickleSerializer has been deprecated since Django 4.1 and was removed in
Django 5.0.
  • Loading branch information
hmpf committed Mar 1, 2024
1 parent dcc18f9 commit e5c0037
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion python/nav/django/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,7 @@
'django.contrib.messages.middleware.MessageMiddleware',
)

SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'
SESSION_SERIALIZER = 'django.contrib.sessions.serializers.JSONSerializer'
SESSION_ENGINE = 'django.contrib.sessions.backends.db'
SESSION_COOKIE_AGE = int(_webfront_config.get('sessions', {}).get('timeout', 3600))
SESSION_COOKIE_NAME = 'nav_sessionid'
Expand Down

0 comments on commit e5c0037

Please sign in to comment.