Plug.Conn.configure_session(conn, renew: true) - What does it do exactly? #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

toraritte opened this issue Jun 11, 2018 · 0 comments

Owner

toraritte commented Jun 11, 2018

From the documentation:

Configures the session.

Options

:renew - generates a new session id for the cookie

:drop - drops the session, a session cookie will not be included in the response

:ignore - ignores all changes made to the session in this request cycle

Does this mean that a new session_id is generated on each request? Or how else would it be able to prevent fixation attacks?

The text was updated successfully, but these errors were encountered:

toraritte mentioned this issue

What is a Phoenix session? #9

Open

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment