diff options
| author | Georg Brandl <georg@python.org> | 2010-05-22 11:32:59 (GMT) |
|---|---|---|
| committer | Georg Brandl <georg@python.org> | 2010-05-22 11:32:59 (GMT) |
| commit | f9f33aa38d8f4cca28f32a522f28f4066de6d092 (patch) | |
| tree | 55997bd081b877e4f24e0b58edd017b4de33c530 /Lib/cookielib.py | |
| parent | a10d64fba224bbe922ae5297b8c8df1e01ef70c8 (diff) | |
| download | cpython-f9f33aa38d8f4cca28f32a522f28f4066de6d092.zip cpython-f9f33aa38d8f4cca28f32a522f28f4066de6d092.tar.gz cpython-f9f33aa38d8f4cca28f32a522f28f4066de6d092.tar.bz2 | |
Merged revisions 81465-81466 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r81465 | georg.brandl | 2010-05-22 13:29:19 +0200 (Sa, 22 Mai 2010) | 2 lines
Issue #3924: Ignore cookies with invalid "version" field in cookielib.
........
r81466 | georg.brandl | 2010-05-22 13:31:16 +0200 (Sa, 22 Mai 2010) | 1 line
Underscore the name of an internal utility function.
........
Diffstat (limited to 'Lib/cookielib.py')
| -rw-r--r-- | Lib/cookielib.py | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/Lib/cookielib.py b/Lib/cookielib.py index 6b59794..b61a2b2 100644 --- a/Lib/cookielib.py +++ b/Lib/cookielib.py @@ -434,6 +434,13 @@ def join_header_words(lists): if attr: headers.append("; ".join(attr)) return ", ".join(headers) +def _strip_quotes(text): + if text.startswith('"'): + text = text[1:] + if text.endswith('"'): + text = text[:-1] + return text + def parse_ns_headers(ns_headers): """Ad-hoc parser for Netscape protocol cookie-attributes. @@ -451,7 +458,7 @@ def parse_ns_headers(ns_headers): """ known_attrs = ("expires", "domain", "path", "secure", # RFC 2109 attrs (may turn up in Netscape cookies, too) - "port", "max-age") + "version", "port", "max-age") result = [] for ns_header in ns_headers: @@ -471,12 +478,11 @@ def parse_ns_headers(ns_headers): k = lc if k == "version": # This is an RFC 2109 cookie. + v = _strip_quotes(v) version_set = True if k == "expires": # convert expires date to seconds since epoch - if v.startswith('"'): v = v[1:] - if v.endswith('"'): v = v[:-1] - v = http2time(v) # None if invalid + v = http2time(_strip_quotes(v)) # None if invalid pairs.append((k, v)) if pairs: @@ -1450,7 +1456,11 @@ class CookieJar: # set the easy defaults version = standard.get("version", None) - if version is not None: version = int(version) + if version is not None: + try: + version = int(version) + except ValueError: + return None # invalid version, ignore cookie secure = standard.get("secure", False) # (discard is also set if expires is Absent) discard = standard.get("discard", False) |