traverseda
/
cpython
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
101,664 Commits 9 Branches 456 Tags 1.7 GiB
Commit Graph

28 Commits

Author SHA1 Message Date
Miss Islington (bot) 9fc998d761 bpo-991266: Fix quoting of Comment attribute of SimpleCookie (GH-6555) 
(cherry picked from commit d5a2377c3d)

Co-authored-by: Berker Peksag <berker.peksag@gmail.com>
 2018-04-23 03:58:23 +03:00
Victor Stinner d6debb24e0 bpo-29919: Remove unused imports found by pyflakes (#137) 
Make also minor PEP8 coding style fixes on modified imports.
 2017-03-27 16:05:26 +02:00
Serhiy Storchaka cc283378d6 Issue #29192: Removed deprecated features in the http.cookies module. 2017-01-13 09:23:15 +02:00
Anish Shah 102d813b55 Issue #26302: Correctly identify comma as an invalid character for a cookie (correcting regression in Python 3.5). 2016-02-07 05:36:00 +05:00
Benjamin Peterson 5a69420062 merge 3.4 (#22931) 2015-05-23 10:41:30 -05:00
Benjamin Peterson c4ae86e477 merge 3.3 (#22931) 2015-05-23 10:40:47 -05:00
Benjamin Peterson d504f20e1c merge 3.2 (#22931) 2015-05-23 10:38:48 -05:00
Benjamin Peterson 9bd476ea57 allow square brackets in cookie values (closes #22931) 2015-05-23 10:36:48 -05:00
R David Murray 1813c1701f #2211: properly document the Morsel behavior changes. 
Also deprecate the undocumented set argument instead of removing
it already in 3.5.

Initial patch by Demian Brecht.
 2015-03-29 17:09:21 -04:00
Serhiy Storchaka 6c32585f67 Restored backward compatibility of pickling http.cookies.Morsel. It was 
broken after converting instance attributes to properies in issue #2211.
 2015-03-18 18:03:40 +02:00
Serhiy Storchaka 9c1a9b2657 Issue #2211: Updated the implementation of the http.cookies.Morsel class. 
Setting attributes key, value and coded_value directly now is deprecated.
update() and setdefault() now transform and check keys.  Comparing for
equality now takes into account attributes key, value and coded_value.
copy() now returns a Morsel, not a dict.  repr() now contains all attributes.
Optimized checking keys and quoting values.  Added new tests.
Original patch by Demian Brecht.
 2015-03-18 10:59:57 +02:00
Benjamin Peterson 5b883296f6 merge 3.4 (#22986) 2015-01-16 20:46:37 -05:00
Benjamin Peterson bd341629b0 capitialize "HttpOnly" and "Secure" as they appear in the standard and other impls (closes #23250) 
Patch by Jon Dufresne.
 2015-01-16 20:43:55 -05:00
Antoine Pitrou b1e36073cd Issue #22796: HTTP cookie parsing is now stricter, in order to protect against potential injection attacks. 2014-11-21 01:20:57 +01:00
Serhiy Storchaka 8cf7c1cff0 Issue #22775: Fixed unpickling of http.cookies.SimpleCookie with protocol 2 
and above.  Patch by Tim Graham.
 2014-11-02 22:18:25 +02:00
Antoine Pitrou 7d0b8f95e7 Lax cookie parsing in http.cookies could be a security issue when combined 
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
 2014-09-17 00:23:55 +02:00
Antoine Pitrou dad182c16e Lax cookie parsing in http.cookies could be a security issue when combined 
with non-standard cookie handling in some Web browsers.

Reported by Sergey Bobrov.
 2014-09-17 00:23:55 +02:00
R David Murray cd0f74b1e0 #16611: BaseCookie now parses 'secure' and 'httponly' flags. 
Previously it generated them if they were given a value, but completely
ignored them if they were present in the string passed in to be parsed.  Now
if the flag appears on a cookie, the corresponding Morsel key will reference a
True value.  Other pre-existing behavior is retained in this maintenance
patch: if the source contains something like 'secure=foo', morsel['secure']
will return 'foo'.  Since such a value doesn't round trip and never did (and
would be a surprising occurrence) a subsequent non-bug-fix patch may change
this behavior.

Inspired by a patch from Julien Phalip, who reviewed this one.
 2013-08-25 11:09:02 -04:00
Senthil Kumaran 0b943a18ef Issue #14426: Correct the Date format in Expires attribute of Set-Cookie. Patch by Federico Reghenzani and Müte Invert 2012-05-20 12:06:51 +08:00
Senthil Kumaran 00c2ec282e Issue #14426: Correct the Date format in Expires attribute of Set-Cookie. Patch by Federico Reghenzani and Müte Invert 2012-05-20 12:05:16 +08:00
Senthil Kumaran 3a441c1bed Fix Issue2193 - Allow ":" character in Cookie NAME values 2012-04-22 09:19:04 +08:00
R. David Murray e05ca2aff4 #9824: encode , and ; in cookie values so that browsers don't split on them 
There is a small chance of backward incompatibility here, but only for
non-SimpleCookie applications reading SimpleCookie generated cookies.  Even
then, any such ap is likely to be handling escaped values already, and it would
take a fairly perverse implementation of unescaping to fail to unescape these
newly escaped chars, so the risk seems minimal.
 2010-12-28 18:54:13 +00:00
Georg Brandl b16e38b825 #8826: the "expires" attribute value is a date string with spaces, but apparently not all user-agents put it in quotes. Handle that as a special case. 2010-08-01 09:06:34 +00:00
Georg Brandl 76e155a157 #3788: more tests for http.cookies, now at 95% coverage. Also bring coding style in the module up to PEP 8, where it does not break backwards compatibility. 2010-07-31 21:04:00 +00:00
Brett Cannon d3791ed450 Fix the warnings filter usage in test_http_cookies. 2010-03-20 21:51:10 +00:00
Senthil Kumaran 3e2ea79bda Fixing the issue4860. Escaping the embedded '"' in the js_output method of Morsel class. 2009-04-02 03:02:03 +00:00
Georg Brandl 6101395e74 Remove deprecated SmartCookie and SerialCookie classes. 2008-05-28 15:56:30 +00:00
Georg Brandl 2442015af2 Create http package. #2883. 2008-05-26 16:32:26 +00:00