summaryrefslogtreecommitdiffstats
path: root/Doc/lib/libcookie.tex
diff options
context:
space:
mode:
authorFred Drake <fdrake@acm.org>2002-12-31 15:10:49 (GMT)
committerFred Drake <fdrake@acm.org>2002-12-31 15:10:49 (GMT)
commitf14730a49a38e2bddee8b8b0ce45e260001a83e1 (patch)
tree70ffac0664320d53d405c91999e1dd631158759e /Doc/lib/libcookie.tex
parentc8b2e770cfd59132e447d3445556704b1a49fa89 (diff)
downloadcpython-f14730a49a38e2bddee8b8b0ce45e260001a83e1.zip
cpython-f14730a49a38e2bddee8b8b0ce45e260001a83e1.tar.gz
cpython-f14730a49a38e2bddee8b8b0ce45e260001a83e1.tar.bz2
- correct the deprecation markups so this formats again
- some minor cleanups
Diffstat (limited to 'Doc/lib/libcookie.tex')
-rw-r--r--Doc/lib/libcookie.tex16
1 files changed, 7 insertions, 9 deletions
diff --git a/Doc/lib/libcookie.tex b/Doc/lib/libcookie.tex
index 5c0078b..a84ad36 100644
--- a/Doc/lib/libcookie.tex
+++ b/Doc/lib/libcookie.tex
@@ -19,12 +19,12 @@ specs. As a result, the parsing rules used are a bit less strict.
\begin{excdesc}{CookieError}
Exception failing because of \rfc{2109} invalidity: incorrect
-attributes, incorrect \code{Set-Cookie} header, etc.
+attributes, incorrect \mimeheader{Set-Cookie} header, etc.
\end{excdesc}
\begin{classdesc}{BaseCookie}{\optional{input}}
This class is a dictionary-like object whose keys are strings and
-whose values are \class{Morsel}s. Note that upon setting a key to
+whose values are \class{Morsel} instances. Note that upon setting a key to
a value, the value is first converted to a \class{Morsel} containing
the key and the value.
@@ -40,13 +40,12 @@ and \function{str()} respectively.
\begin{classdesc}{SerialCookie}{\optional{input}}
This class derives from \class{BaseCookie} and overrides
\method{value_decode()} and \method{value_encode()} to be the
-\function{pickle.loads()} and \function{pickle.dumps()}.
+\function{pickle.loads()} and \function{pickle.dumps()}.
-\strong{Do not use this class!} Reading pickled values from untrusted
+\deprecated{2.3}{Reading pickled values from untrusted
cookie data is a huge security hole, as pickle strings can be crafted
to cause arbitrary code to execute on your server. It is supported
-for backwards compatibility only, and may eventually go away.
-\deprecated{2.3}
+for backwards compatibility only, and may eventually go away.}
\end{classdesc}
\begin{classdesc}{SmartCookie}{\optional{input}}
@@ -56,9 +55,8 @@ valid pickle, and otherwise the value itself. It overrides
\method{value_encode()} to be \function{pickle.dumps()} unless it is a
string, in which case it returns the value itself.
-\strong{Note:} The same security warning from \class{SerialCookie}
-applies here.
-\deprecated{2.3}
+\deprecated{2.3}{The same security warning from \class{SerialCookie}
+applies here.}
\end{classdesc}
A further security note is warranted. For backwards compatibility,