Yourlabs

django-session-security 2.4.0 release

| by jpic | django python django-session-security

This new release enforces SESSION_EXPIRE_AT_BROWSER_CLOSE, because it makes no sense to use django-session-security without it, by design.

However, a vulnerability caused by having SESSION_EXPIRE_AT_BROWSER_CLOSE disabled was fixed, thanks Clayton Delay for the report.