Previously it generated them if they were given a value, but completely
ignored them if they were present in the string passed in to be parsed. Now
if the flag appears on a cookie, the corresponding Morsel key will reference a
True value. Other pre-existing behavior is retained in this maintenance
patch: if the source contains something like 'secure=foo', morsel['secure']
will return 'foo'. Since such a value doesn't round trip and never did (and
would be a surprising occurrence) a subsequent non-bug-fix patch may change
this behavior.
Inspired by a patch from Julien Phalip, who reviewed this one.
There is a small chance of backward incompatibility here, but only for
non-SimpleCookie applications reading SimpleCookie generated cookies. Even
then, any such ap is likely to be handling escaped values already, and it would
take a fairly perverse implementation of unescaping to fail to unescape these
newly escaped chars, so the risk seems minimal.
R David Murray
Senthil Kumaran
Georg Brandl
Brett Cannon
Senthil Kumaran