Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle secure cookies #8

Closed
jkoehl opened this issue Jan 4, 2014 · 1 comment
Closed

Handle secure cookies #8

jkoehl opened this issue Jan 4, 2014 · 1 comment

Comments

@jkoehl
Copy link
Contributor

jkoehl commented Jan 4, 2014

If a secure cookie is set then webobtoolkit has an issue attempting to send the cookie on subsequent requests.

The issue appears to be with the cookie filter not creating a proper mock request with a get_type() function so cookielib can verify the scheme used to send the request.

It blows up here in cookielib.py:

    def return_ok_secure(self, cookie, request):
        if cookie.secure and request.get_type() != "https":
            _debug("   secure cookie with non-secure request")
            return False
        return True

But the root cause is this class in filters.py just needs to implement this get_type() function...

class RequestCookieAdapter(object):
    """
    this class merely provides the methods required for a
    cookielib.CookieJar to work on a webob.Request

    potential for yak shaving...very high
    """
    def __init__(self, request):
        self._request = request

    def is_unverifiable(self):
        return True  # sure? Why not?

    def get_full_url(self):
        return self._request.url

    def get_origin_req_host(self):
        return self._request.host

    def add_unredirected_header(self, key, header):
        self._request.headers[key] = header

    def has_header(self, key):
        return key in self._request.headers
@jkoehl jkoehl mentioned this issue Jan 5, 2014
Merged
twillis pushed a commit that referenced this issue Jan 6, 2014
Merge pull request #9 from Batterii/master
a8c0754 
Add support for secure cookies to fix issue #8
twillis pushed a commit that referenced this issue Jan 6, 2014
release 0.2.2
16a59dd 
to address issue #8
@twillis
Copy link
Owner

twillis commented Jan 6, 2014

thank you sir. I merged and cut a release (0.2.2)

@twillis twillis closed this as completed Jan 6, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@twillis @jkoehl