Fixed #25644 -- Fixed reset cookie expiry date bug.

Setting a cookie with the same name as a previously deleted cookie would set its expiry date to 'Thu, 01-Jan-1970 00:00:00 GMT'.
django · Nov 18, 2015 · 0a19f8d · 0a19f8d
1 parent 6258e16
commit 0a19f8d
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 0 deletions.
diff --git a/django/http/response.py b/django/http/response.py
@@ -190,6 +190,8 @@ def set_cookie(self, key, value='', max_age=None, expires=None, path='/',
                 max_age = max(0, delta.days * 86400 + delta.seconds)
             else:
                 self.cookies[key]['expires'] = expires
+        else:
+            self.cookies[key]['expires'] = ''
         if max_age is not None:
             self.cookies[key]['max-age'] = max_age
             # IE requires expires, so set it if hasn't been already.

diff --git a/tests/requests/tests.py b/tests/requests/tests.py
@@ -208,6 +208,18 @@ def test_aware_expiration(self):
         datetime_cookie = response.cookies['datetime']
         self.assertEqual(datetime_cookie['max-age'], 10)
 
+    def test_create_cookie_after_deleting_cookie(self):
+        """
+        Setting a cookie after deletion should clear the expiry date.
+        """
+        response = HttpResponse()
+        response.set_cookie('c', 'old-value')
+        self.assertEqual(response.cookies['c']['expires'], '')
+        response.delete_cookie('c')
+        self.assertEqual(response.cookies['c']['expires'], 'Thu, 01-Jan-1970 00:00:00 GMT')
+        response.set_cookie('c', 'new-value')
+        self.assertEqual(response.cookies['c']['expires'], '')
+
     def test_far_expiration(self):
         "Cookie will expire when an distant expiration time is provided"
         response = HttpResponse()