New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LWPCookieJar load() set domain_specifed wrong #61453
Comments
Hello, I am using LWPCookieJar to store cookies. But I am having trouble. save the following to test.lwp
output: If understood correctly, domain_specified should equal bool(c.domain =""). This is seen on 2.7 and 2.6. |
Hi, This is still present in the current mercurial. I'm attaching a patch that fixes the issue. Thanks. |
According to some digging around that I've done, this issue may be invalid: (I couldn't find an RFC or detailed spec of the LWP format, so reading from libwww-perl source @ http://cpansearch.perl.org/src/GAAS/libwww-perl-5.836/lib/HTTP/Cookies.pm) # Try with a more general domain, alternately stripping # a.b.c.net Any cookie So, www.domain.com is not a valid LWP domain and therefore, unless I'm missing something, the module is functioning as expected. |
That was silly of me. What I /meant/ to say was that, for this specific report, it's functioning as expected. However, the logic in LWPCookieJar isn't entirely correct. As noted in the comments from libwww-perl, the reported URL is in fact, an invalid LWP cookie. What's missing is the logic to deal with other, valid cookies. domain_specified = domain.starts_with('.') is incorrect as a four part domain name (a.b.c.d) /is/ a valid LWP domain. This should likely be patched. Another question that I have though, is why is LWPCookieJar even part of the stdlib? It's relatively well documented that it is not known to be compatible with any browser. I'm curious as to how heavily used it is and what the rational was to include it (dev might be a better place to ask this, I'm not sure). |
I've deleted my previous patch, as I found the code working as intended. The domain_specified signals whether the domain stores came from a Domain: tag inside a Set-Cookie request or is taken from the hostname of the request. The rfc2965 dictates that a value taken from a Domain: tag should be The LWP-Cookies-2.0 format is an extension to the perl format, that seeks compatibility adding some features. About the domain matching, the rfc2965 documents this. I think the perl comment is an example for a.b.c.net, so that matchs with .b.c.net but not with b.c.net. |
I now realized LWPCookieJar is a subclass of CookieJar but it behaves differently. I believe there are other quirks I haven't discovered, like expire=None which cause exception in LWPCookieJar, but works fine for CookieJar. Sadly the doc didn't mention them. The official python document introduced 2 file cookiejar, one is Mozilla's FileCookieJar, which is explicitly advised as depricated. So forks, could your suggest how does other python user deal with cookie storage. Do they just pickle the cookie objects and save to file? LWPCookie's usage is strage to me and ,I believe, many average users, I guess many people like me will be willing to know alternatives. |
@b. Kyven: What are you trying to achieve? LWP is intended to be used with libwww-perl libary, which is not known to be compatible with any browsers (not sure whether or not this has any bearing on what you're doing). Really, IMHO, this entire module is in need of a whole lot of love. Unfortunately, I don't think there's much interest in it, so I'm unsure of whether or not that love will happen any time soon. https://github.com/jjlee/mechanize looks like it has its own implementation of the MozillaCookieJar (extending on the FileCookieJar). If/how it differs from the stdlib implementation I'm not sure. |
@demian Brecht What I try to achieve is simple. store persistent cookies in a way, that's told to be standard in python ? Actually, I was trying to sync QtCookiesJar to CookieJar to make urllib2 works with cookie sessions opened in QtWebKit to skip the heavy javascript powered login process.(now it works either way not both) And I need a way to save persistent cookie. Maybe I need to rethink my strategy. Any thoughts? |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: