[Python-checkins] r87551 - in python/branches/release31-maint: Lib/http/cookies.py Lib/test/test_http_cookies.py Misc/NEWS

r.david.murray python-checkins at python.org
Tue Dec 28 19:56:33 CET 2010

• Previous message: [Python-checkins] r87550 - in python/branches/py3k: Lib/http/cookies.py Lib/test/test_http_cookies.py Misc/NEWS
• Next message: [Python-checkins] r87552 - in python/branches/release27-maint: Lib/Cookie.py Lib/test/test_cookie.py Misc/NEWS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Author: r.david.murray
Date: Tue Dec 28 19:56:33 2010
New Revision: 87551
Log:
Merged revisions 87550 via svnmerge from 
svn+ssh://pythondev@svn.python.org/python/branches/py3k
........
 r87550 | r.david.murray | 2010年12月28日 13:54:13 -0500 (2010年12月28日) | 8 lines
 
 #9824: encode , and ; in cookie values so that browsers don't split on them
 
 There is a small chance of backward incompatibility here, but only for
 non-SimpleCookie applications reading SimpleCookie generated cookies. Even
 then, any such ap is likely to be handling escaped values already, and it would
 take a fairly perverse implementation of unescaping to fail to unescape these
 newly escaped chars, so the risk seems minimal.
........
Modified:
 python/branches/release31-maint/ (props changed)
 python/branches/release31-maint/Lib/http/cookies.py
 python/branches/release31-maint/Lib/test/test_http_cookies.py
 python/branches/release31-maint/Misc/NEWS
Modified: python/branches/release31-maint/Lib/http/cookies.py
==============================================================================
--- python/branches/release31-maint/Lib/http/cookies.py	(original)
+++ python/branches/release31-maint/Lib/http/cookies.py	Tue Dec 28 19:56:33 2010
@@ -178,6 +178,11 @@
 '033円' : '\033円', '034円' : '\034円', '035円' : '\035円',
 '036円' : '\036円', '037円' : '\037円',
 
+ # Because of the way browsers really handle cookies (as opposed
+ # to what the RFC says) we also encode , and ;
+
+ ',' : '\054円', ';' : '\073円',
+
 '"' : '\\"', '\\' : '\\\\',
 
 '177円' : '\177円', '200円' : '\200円', '201円' : '\201円',
Modified: python/branches/release31-maint/Lib/test/test_http_cookies.py
==============================================================================
--- python/branches/release31-maint/Lib/test/test_http_cookies.py	(original)
+++ python/branches/release31-maint/Lib/test/test_http_cookies.py	Tue Dec 28 19:56:33 2010
@@ -65,6 +65,14 @@
 </script>
 """)
 
+ def test_extended_encode(self):
+ # Issue 9824: some browsers don't follow the standard; we now
+ # encode , and ; to keep them from tripping up.
+ C = cookies.SimpleCookie()
+ C['val'] = "some,funky;stuff"
+ self.assertEqual(C.output(['val']),
+ 'Set-Cookie: val="some\054円funky\073円stuff"')
+
 def test_special_attrs(self):
 # 'expires'
 C = cookies.SimpleCookie('Customer="WILE_E_COYOTE"')
Modified: python/branches/release31-maint/Misc/NEWS
==============================================================================
--- python/branches/release31-maint/Misc/NEWS	(original)
+++ python/branches/release31-maint/Misc/NEWS	Tue Dec 28 19:56:33 2010
@@ -24,6 +24,9 @@
 Library
 -------
 
+- Issue 9824: SimpleCookie now encodes , and ; in values to cater to how
+ browsers actually parse cookies.
+
 - Issue #5258/#10642: if site.py encounters a .pth file that generates an error,
 it now prints the filename, line number, and traceback to stderr and skips
 the rest of that individual file, instead of stopping processing entirely.

---

• Previous message: [Python-checkins] r87550 - in python/branches/py3k: Lib/http/cookies.py Lib/test/test_http_cookies.py Misc/NEWS
• Next message: [Python-checkins] r87552 - in python/branches/release27-maint: Lib/Cookie.py Lib/test/test_cookie.py Misc/NEWS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Python-checkins mailing list