diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2018-04-07 20:09:42 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-04-07 20:09:42 (GMT) |
commit | c87eb09d2e3783b0b5dc0d7cb304050cbcc86ad3 (patch) | |
tree | 2843f5346789cb667f20de681b4e4ddbd413698c /Lib | |
parent | 1d80a561734b9932961c546b0897405a3bfbf3e6 (diff) | |
download | cpython-c87eb09d2e3783b0b5dc0d7cb304050cbcc86ad3.zip cpython-c87eb09d2e3783b0b5dc0d7cb304050cbcc86ad3.tar.gz cpython-c87eb09d2e3783b0b5dc0d7cb304050cbcc86ad3.tar.bz2 |
bpo-29613: Added support for SameSite cookies (GH-6413)
* bpo-29613: Added support for SameSite cookies
Implemented as per draft
https://tools.ietf.org/html/draft-west-first-party-cookies-07
* Documented SameSite
And suggestions by members.
* Missing space :(
* Updated News and contributors
* Added version changed details.
* Fix in documentation
* fix in documentation
* Clubbed test cases for same attribute into single.
* Updates
* Style nits + expand tests
* review feedback
Diffstat (limited to 'Lib')
-rw-r--r-- | Lib/http/cookies.py | 1 | ||||
-rw-r--r-- | Lib/test/test_http_cookies.py | 13 |
2 files changed, 14 insertions, 0 deletions
diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py index 7e0259e..4a44db8 100644 --- a/Lib/http/cookies.py +++ b/Lib/http/cookies.py @@ -281,6 +281,7 @@ class Morsel(dict): "secure" : "Secure", "httponly" : "HttpOnly", "version" : "Version", + "samesite" : "SameSite", } _flags = {'secure', 'httponly'} diff --git a/Lib/test/test_http_cookies.py b/Lib/test/test_http_cookies.py index 2ff6902..447f883 100644 --- a/Lib/test/test_http_cookies.py +++ b/Lib/test/test_http_cookies.py @@ -121,6 +121,19 @@ class CookieTests(unittest.TestCase): self.assertEqual(C.output(), 'Set-Cookie: Customer="WILE_E_COYOTE"; HttpOnly; Secure') + def test_samesite_attrs(self): + samesite_values = ['Strict', 'Lax', 'strict', 'lax'] + for val in samesite_values: + with self.subTest(val=val): + C = cookies.SimpleCookie('Customer="WILE_E_COYOTE"') + C['Customer']['samesite'] = val + self.assertEqual(C.output(), + 'Set-Cookie: Customer="WILE_E_COYOTE"; SameSite=%s' % val) + + C = cookies.SimpleCookie() + C.load('Customer="WILL_E_COYOTE"; SameSite=%s' % val) + self.assertEqual(C['Customer']['samesite'], val) + def test_secure_httponly_false_if_not_present(self): C = cookies.SimpleCookie() C.load('eggs=scrambled; Path=/bacon') |