summaryrefslogtreecommitdiffstats
path: root/Lib
diff options
context:
space:
mode:
authorAlex Gaynor <alex.gaynor@gmail.com>2018-04-07 20:09:42 (GMT)
committerGitHub <noreply@github.com>2018-04-07 20:09:42 (GMT)
commitc87eb09d2e3783b0b5dc0d7cb304050cbcc86ad3 (patch)
tree2843f5346789cb667f20de681b4e4ddbd413698c /Lib
parent1d80a561734b9932961c546b0897405a3bfbf3e6 (diff)
downloadcpython-c87eb09d2e3783b0b5dc0d7cb304050cbcc86ad3.zip
cpython-c87eb09d2e3783b0b5dc0d7cb304050cbcc86ad3.tar.gz
cpython-c87eb09d2e3783b0b5dc0d7cb304050cbcc86ad3.tar.bz2
bpo-29613: Added support for SameSite cookies (GH-6413)
* bpo-29613: Added support for SameSite cookies Implemented as per draft https://tools.ietf.org/html/draft-west-first-party-cookies-07 * Documented SameSite And suggestions by members. * Missing space :( * Updated News and contributors * Added version changed details. * Fix in documentation * fix in documentation * Clubbed test cases for same attribute into single. * Updates * Style nits + expand tests * review feedback
Diffstat (limited to 'Lib')
-rw-r--r--Lib/http/cookies.py1
-rw-r--r--Lib/test/test_http_cookies.py13
2 files changed, 14 insertions, 0 deletions
diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
index 7e0259e..4a44db8 100644
--- a/Lib/http/cookies.py
+++ b/Lib/http/cookies.py
@@ -281,6 +281,7 @@ class Morsel(dict):
"secure" : "Secure",
"httponly" : "HttpOnly",
"version" : "Version",
+ "samesite" : "SameSite",
}
_flags = {'secure', 'httponly'}
diff --git a/Lib/test/test_http_cookies.py b/Lib/test/test_http_cookies.py
index 2ff6902..447f883 100644
--- a/Lib/test/test_http_cookies.py
+++ b/Lib/test/test_http_cookies.py
@@ -121,6 +121,19 @@ class CookieTests(unittest.TestCase):
self.assertEqual(C.output(),
'Set-Cookie: Customer="WILE_E_COYOTE"; HttpOnly; Secure')
+ def test_samesite_attrs(self):
+ samesite_values = ['Strict', 'Lax', 'strict', 'lax']
+ for val in samesite_values:
+ with self.subTest(val=val):
+ C = cookies.SimpleCookie('Customer="WILE_E_COYOTE"')
+ C['Customer']['samesite'] = val
+ self.assertEqual(C.output(),
+ 'Set-Cookie: Customer="WILE_E_COYOTE"; SameSite=%s' % val)
+
+ C = cookies.SimpleCookie()
+ C.load('Customer="WILL_E_COYOTE"; SameSite=%s' % val)
+ self.assertEqual(C['Customer']['samesite'], val)
+
def test_secure_httponly_false_if_not_present(self):
C = cookies.SimpleCookie()
C.load('eggs=scrambled; Path=/bacon')