Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

* Pull in werkzeug Cookie fix for malformed cookie bug.

  • Loading branch information...
commit ea24b631cbe7180df8becebd3af0c210e549e7c7 1 parent 0710501
@bbangert bbangert authored
View
2  docs/license.txt
@@ -21,3 +21,5 @@ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+:copyright: (c) 2010 by the Werkzeug Team
View
2  docs/news.txt
@@ -6,6 +6,8 @@ News
hg tip
------
+* Pull in werkzeug Cookie fix for malformed cookie bug.
+
0.9.8
-----
View
5 setup.cfg
@@ -7,3 +7,8 @@ with-doctest = True
doctest-extension = txt
include = docs
exclude = jsonrpc-example.txt
+with-coverage=True
+cover-erase=True
+cover-html=True
+cover-html-dir=html_coverage
+cover-package=webob
View
35 webob/request.py
@@ -1,6 +1,6 @@
import sys, tempfile, warnings
import urllib, urlparse, cgi
-from Cookie import BaseCookie
+from Cookie import BaseCookie, Morsel, CookieError
from cStringIO import StringIO
from webob.acceptparse import Accept, MIMEAccept, NilAccept, MIMENilAccept, NoAccept
@@ -25,6 +25,37 @@ def __repr__(self):
NoDefault = _NoDefault()
+class _ExtendedMorsel(Morsel):
+ _reserved = {'httponly': 'HttpOnly'}
+ _reserved.update(Morsel._reserved)
+
+ def __init__(self, name=None, value=None):
+ Morsel.__init__(self)
+ if name is not None:
+ self.set(name, value, value)
+
+ def OutputString(self, attrs=None):
+ httponly = self.pop('httponly', False)
+ result = Morsel.OutputString(self, attrs).rstrip('\t ;')
+ if httponly:
+ result += '; HttpOnly'
+ return result
+
+
+class _ExtendedCookie(BaseCookie):
+ """Form of the base cookie that doesn't raise a `CookieError` for
+ malformed keys. This has the advantage that broken cookies submitted
+ by nonstandard browsers don't cause the cookie to be empty.
+ """
+
+ def _BaseCookie__set(self, key, real_value, coded_value):
+ morsel = self.get(key, _ExtendedMorsel())
+ try:
+ morsel.set(key, real_value, coded_value)
+ except CookieError:
+ pass
+ dict.__setitem__(self, key, morsel)
+
class BaseRequest(object):
## Options:
@@ -607,7 +638,7 @@ def str_cookies(self):
return vars
vars = {}
if source:
- cookies = BaseCookie()
+ cookies = _ExtendedCookie()
cookies.load(source)
for name in cookies:
value = cookies[name].value
Please sign in to comment.
Something went wrong with that request. Please try again.