Skip to content

Bugfix: set_cookie datetime#292

Merged
digitalresistor merged 4 commits into
masterfrom
bugfix/set_cookie_datetime
Nov 18, 2016
Merged

Bugfix: set_cookie datetime#292
digitalresistor merged 4 commits into
masterfrom
bugfix/set_cookie_datetime

Conversation

@digitalresistor
Copy link
Copy Markdown
Member

@digitalresistor digitalresistor commented Nov 18, 2016

This fixes the bug reported by @dobesv in #254. Also documents that expires should not be a localtime, and that it should not be set in the past.

@digitalresistor digitalresistor added this to the 1.7.0 milestone Nov 18, 2016
@digitalresistor digitalresistor force-pushed the bugfix/set_cookie_datetime branch from 4fba852 to 5be7ff4 Compare November 18, 2016 05:42
@mmerickel
Copy link
Copy Markdown
Member

mmerickel commented Nov 18, 2016

What is the issue with setting expires in the past? AFAIK this is a common technique for clearing a cookie.

@digitalresistor
Copy link
Copy Markdown
Member Author

digitalresistor commented Nov 18, 2016

@mmerickel: There is unset_cookie for that and I would rather warn because it may mean the user accidentally passed in a local time datetime object and setting the cookie is not doing what they think it is going to do.

@digitalresistor
Copy link
Copy Markdown
Member Author

digitalresistor commented Nov 18, 2016

I can change the warning message, expires is going away in the future anyway. Setting max_age to 0 is a better idea.

@mmerickel
Copy link
Copy Markdown
Member

mmerickel commented Nov 18, 2016

Yeah this is a little wishy washy but it sort of feels like something webob shouldn't have an opinion on.

@digitalresistor
Copy link
Copy Markdown
Member Author

digitalresistor commented Nov 18, 2016

If you don't think it is a good idea, I can remove that warning. I only added it late last night because of the local time vs utc time issue and maybe a warning would be nice, I have no opinion either way.

@digitalresistor
Change test name to something more appropriate
7f55004
@digitalresistor
Add test for datetime with TZ
40cba55
@digitalresistor
Update expires for set_cookie to allow TZ aware datetime
ceb4ade 
This will convert the TZ aware datetime to one that is not timezone
aware and to UTC. This can then be used in math to generate the
timedelta for max_age.

Also documents that using a local datetime object is not supported,
unfortunately there is no good way to find out whether a datetime is
local or not, so there is no way to warn the user about bad input.

Closes #254
@digitalresistor digitalresistor force-pushed the bugfix/set_cookie_datetime branch from 5be7ff4 to ceb4ade Compare November 18, 2016 21:45
@digitalresistor digitalresistor merged commit ab1aa6d into master Nov 18, 2016
digitalresistor added a commit that referenced this pull request Nov 18, 2016
@digitalresistor
Merge branches 'bugfix/cgi_FieldStorage' and 'bugfix/set_cookie_datet…
7beb79f 
…ime'

Closes #294 and #292
digitalresistor added a commit that referenced this pull request Nov 18, 2016
@digitalresistor
Changelog entries for #294 and #292
6c5dba1
@digitalresistor digitalresistor deleted the bugfix/set_cookie_datetime branch November 18, 2016 22:12
@pyup-bot pyup-bot mentioned this pull request Nov 3, 2017
Closed
@pyup-bot pyup-bot mentioned this pull request Jan 26, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

1.7.0

Development

Successfully merging this pull request may close these issues.

2 participants

@digitalresistor @mmerickel