diff options
Diffstat (limited to 'Lib/http/cookiejar.py')
| -rw-r--r-- | Lib/http/cookiejar.py | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/Lib/http/cookiejar.py b/Lib/http/cookiejar.py index e9efab8..657faa1 100644 --- a/Lib/http/cookiejar.py +++ b/Lib/http/cookiejar.py @@ -436,6 +436,13 @@ def join_header_words(lists): if attr: headers.append("; ".join(attr)) return ", ".join(headers) +def strip_quotes(text): + if text.startswith('"'): + text = text[1:] + if text.endswith('"'): + text = text[:-1] + return text + def parse_ns_headers(ns_headers): """Ad-hoc parser for Netscape protocol cookie-attributes. @@ -453,7 +460,7 @@ def parse_ns_headers(ns_headers): """ known_attrs = ("expires", "domain", "path", "secure", # RFC 2109 attrs (may turn up in Netscape cookies, too) - "port", "max-age") + "version", "port", "max-age") result = [] for ns_header in ns_headers: @@ -473,12 +480,11 @@ def parse_ns_headers(ns_headers): k = lc if k == "version": # This is an RFC 2109 cookie. + v = strip_quotes(v) version_set = True if k == "expires": # convert expires date to seconds since epoch - if v.startswith('"'): v = v[1:] - if v.endswith('"'): v = v[:-1] - v = http2time(v) # None if invalid + v = http2time(strip_quotes(v)) # None if invalid pairs.append((k, v)) if pairs: @@ -1446,7 +1452,11 @@ class CookieJar: # set the easy defaults version = standard.get("version", None) - if version is not None: version = int(version) + if version is not None: + try: + version = int(version) + except ValueError: + return None # invalid version, ignore cookie secure = standard.get("secure", False) # (discard is also set if expires is Absent) discard = standard.get("discard", False) |