From b77e888f415d72d028361952692006a38c2473c8 Mon Sep 17 00:00:00 2001 From: Georg Brandl Date: Thu, 29 May 2008 07:38:37 +0000 Subject: [PATCH] #2988: add note about catching CookieError when parsing untrusted cookie data. --- Doc/library/cookie.rst | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Doc/library/cookie.rst b/Doc/library/cookie.rst index aae7bc27475..346da5a1fd9 100644 --- a/Doc/library/cookie.rst +++ b/Doc/library/cookie.rst @@ -22,6 +22,12 @@ The module formerly strictly applied the parsing rules described in the MSIE 3.0x doesn't follow the character rules outlined in those specs. As a result, the parsing rules used are a bit less strict. +.. note:: + + On encountering an invalid cookie, :exc:`CookieError` is raised, so if your + cookie data comes from a browser you should always prepare for invalid data + and catch :exc:`CookieError` on parsing. + .. exception:: CookieError