Skip to content

Loading…

Cannot set cookie path #89

Closed
larsga opened this Issue · 3 comments

4 participants

@larsga

I've written a web application which uses sessions. I've deployed it using mod_wsgi and mod_rewrite, which means that all cookies have path set to the /code.py/ path, which is not where the application is deployed as seen by the browser. This means that the browser doesn't send cookies back to the application, even though the application sets them.

By adding a cookie_path config option similar to the already existing cookie_domain I was able to solve this. A patch with the fix is attached.

@larsga

I guess I should do this with a pull request, but that would take a bit of extra work. Just posting the patch here instead.

*** web.py-0.36/web/session.py  2011-07-04 06:10:40.000000000 -0400
--- /usr/lib/python2.4/site-packages/web/session.py 2011-07-17 08:54:28.000000000 -0400
***************
*** 27,32 ****
--- 27,33 ----
  web.config.session_parameters = utils.storage({
      'cookie_name': 'webpy_session_id',
      'cookie_domain': None,
+     'cookie_path' : None,
      'timeout': 86400, #24 * 60 * 60, # 24 hours in seconds
      'ignore_expiry': True,
      'ignore_change_ip': True,
***************
*** 91,96 ****
--- 92,98 ----
          """Load the session from the store, by the id from cookie"""
          cookie_name = self._config.cookie_name
          cookie_domain = self._config.cookie_domain
+         cookie_path = self._config.cookie_path
          httponly = self._config.httponly
          self.session_id = web.cookies().get(cookie_name)

***************
*** 139,147 ****
      def _setcookie(self, session_id, expires='', **kw):
          cookie_name = self._config.cookie_name
          cookie_domain = self._config.cookie_domain
          httponly = self._config.httponly
          secure = self._config.secure
!         web.setcookie(cookie_name, session_id, expires=expires, domain=cookie_domain, httponly=httponly, secure=secure)

      def _generate_session_id(self):
          """Generate a random id for session"""
--- 141,150 ----
      def _setcookie(self, session_id, expires='', **kw):
          cookie_name = self._config.cookie_name
          cookie_domain = self._config.cookie_domain
+         cookie_path = self._config.cookie_path
          httponly = self._config.httponly
          secure = self._config.secure
!         web.setcookie(cookie_name, session_id, expires=expires, domain=cookie_domain, httponly=httponly, secure=secure, path=cookie_path)

      def _generate_session_id(self):
          """Generate a random id for session"""
@xxbeta

Use web.setcookie('key', 'value', path='/path') works somehow.

@seanhoughton

Thanks for the solution. I've implemented your fix and submitted a pull request #138

@anandology anandology closed this
@bfdream bfdream pushed a commit to bfdream/webpy that referenced this issue
@seanhoughton seanhoughton Allow session cookie path customization to resolve issues caused by m…
…od_rewrite and wsgi. webpy/webpy#89
39a93a4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.