From 45ce66a532f309c9966466544cf5906300f838f0 Mon Sep 17 00:00:00 2001
From: mthorme <max.thorme@gmail.com>
Date: Mon, 14 Jul 2025 22:07:35 +0200
Subject: [PATCH] =?UTF-8?q?fix(comment):=20malicious=20user=20cannot=20obt?=
 =?UTF-8?q?ain=20another=20user=E2=80=99s=20session?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tests/unittests/sessions/test_session_service.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/unittests/sessions/test_session_service.py b/tests/unittests/sessions/test_session_service.py
index 995d739f5..67f0351af 100644
--- a/tests/unittests/sessions/test_session_service.py
+++ b/tests/unittests/sessions/test_session_service.py
@@ -201,7 +201,7 @@ async def test_session_state(service_type):
   assert session_11.state.get('user:key1') == 'value1'
   assert not session_11.state.get('temp:key')
 
-  # Make sure a malicious user can obtain a session and events not belonging to them
+  # Make sure a malicious user cannot obtain a session and events not belonging to them
   session_mismatch = await session_service.get_session(
       app_name=app_name, user_id=user_id_malicious, session_id=session_id_11
   )