traverseda
/
cpython
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Removed a confusing line from a docstring in http.cookies (GH-6482) 

There's no reason a cookie should _ever_ contain pickled data. That's just asking for a critical security vulnerability. Back in Python2 there were helpers for doing that, but they're no more in Python3. Now coded_value is used when the value needs to be encoded for any reason.
This commit is contained in:
Alex Gaynor 2018-04-15 17:23:47 -04:00 committed by GitHub
parent 1a5c4bdb6e
commit afbbac12a5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Lib/http/cookies.py
View File

@ -256,8 +256,7 @@ class Morsel(dict):
In a cookie, each such pair may have several attributes, so this class is In a cookie, each such pair may have several attributes, so this class is
used to keep the attributes associated with the appropriate key,value pair. used to keep the attributes associated with the appropriate key,value pair.
This class also includes a coded_value attribute, which is used to hold This class also includes a coded_value attribute, which is used to hold
the network representation of the value. This is most useful when Python the network representation of the value.
objects are pickled for network transit.
""" """
# RFC 2109 lists these attributes as reserved: # RFC 2109 lists these attributes as reserved:
# path comment domain # path comment domain