Community mailing list archives
Re: Understanding Session to handle the login of the userby
If that is true you found a security flaw.
Are you completely sure that Odoo is regenerating the cookie?Everytime I clear the browser cookie it ask me to login again.
2015-07-29 4:43 GMT-03:00 Devang Pipaliya <firstname.lastname@example.org>:
This is about openerp-v7.
Can anyone help to under stand the "session_context" and "session_gc"? https://github.com/odoo/odoo/blob/7.0/addons/web/http.py#L388 &
What is the role of them? How the odoo is selecting the session and making it as an active one? What I understood till now is; Odoo is using the werkzeug lib is saving the sessions in the files under temp directory. But I am still confuse how the Odoo is taking a session from list of multiple sessions stored in multiple files from this temp directory. Even though we have cleared the cookies, Odoo is taking the session and regenerating the cookies from here. Can any one guide me on this please? It would be a great help. -- Thanks & Regards, Devang H. Pipaliya,