diff options
| author | Serhiy Storchaka <storchaka@gmail.com> | 2015-03-13 07:09:35 (GMT) |
|---|---|---|
| committer | Serhiy Storchaka <storchaka@gmail.com> | 2015-03-13 07:09:35 (GMT) |
| commit | f7cc3fccadae5f2bb764b16808806b7d1849871b (patch) | |
| tree | 2424d9a9110ef8124aba9079d18646ddb49734f9 /Lib/http | |
| parent | 63623ac2529ce9f293784c06215b018664c74491 (diff) | |
| parent | 577fc4e87f59b94f2e906c77654a44a2ee586c1e (diff) | |
| download | cpython-f7cc3fccadae5f2bb764b16808806b7d1849871b.zip cpython-f7cc3fccadae5f2bb764b16808806b7d1849871b.tar.gz cpython-f7cc3fccadae5f2bb764b16808806b7d1849871b.tar.bz2 | |
Issue #23138: Fixed parsing cookies with absent keys or values in cookiejar.
Patch by Demian Brecht.
Diffstat (limited to 'Lib/http')
| -rw-r--r-- | Lib/http/cookiejar.py | 46 |
1 files changed, 31 insertions, 15 deletions
diff --git a/Lib/http/cookiejar.py b/Lib/http/cookiejar.py index 22f2833..cc9e0be 100644 --- a/Lib/http/cookiejar.py +++ b/Lib/http/cookiejar.py @@ -472,26 +472,42 @@ def parse_ns_headers(ns_headers): for ns_header in ns_headers: pairs = [] version_set = False - for ii, param in enumerate(re.split(r";\s*", ns_header)): - param = param.rstrip() - if param == "": continue - if "=" not in param: - k, v = param, None - else: - k, v = re.split(r"\s*=\s*", param, maxsplit=1) - k = k.lstrip() + + # XXX: The following does not strictly adhere to RFCs in that empty + # names and values are legal (the former will only appear once and will + # be overwritten if multiple occurrences are present). This is + # mostly to deal with backwards compatibility. + for ii, param in enumerate(ns_header.split(';')): + param = param.strip() + + key, sep, val = param.partition('=') + key = key.strip() + + if not key: + if ii == 0: + break + else: + continue + + # allow for a distinction between present and empty and missing + # altogether + val = val.strip() if sep else None + if ii != 0: - lc = k.lower() + lc = key.lower() if lc in known_attrs: - k = lc - if k == "version": + key = lc + + if key == "version": # This is an RFC 2109 cookie. - v = strip_quotes(v) + if val is not None: + val = strip_quotes(val) version_set = True - if k == "expires": + elif key == "expires": # convert expires date to seconds since epoch - v = http2time(strip_quotes(v)) # None if invalid - pairs.append((k, v)) + if val is not None: + val = http2time(strip_quotes(val)) # None if invalid + pairs.append((key, val)) if pairs: if not version_set: |