summaryrefslogtreecommitdiffstats
path: root/Lib/http/cookies.py
Commit message (Collapse)AuthorAgeFilesLines
* Lax cookie parsing in http.cookies could be a security issue when combinedAntoine Pitrou2014-09-161-1/+2
| | | | | | with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov.
* Issue #19936: Added executable bits or shebang lines to Python scripts whichSerhiy Storchaka2014-01-161-3/+0
| | | | | | | requires them. Disable executable bits and shebang lines in test and benchmark files in order to prevent using a random system python, and in source files of modules which don't provide command line interface. Fixed shebang line to use python3 executable in the unittestgui script.
* #16611: BaseCookie now parses 'secure' and 'httponly' flags.R David Murray2013-08-251-10/+19
| | | | | | | | | | | | | Previously it generated them if they were given a value, but completely ignored them if they were present in the string passed in to be parsed. Now if the flag appears on a cookie, the corresponding Morsel key will reference a True value. Other pre-existing behavior is retained in this maintenance patch: if the source contains something like 'secure=foo', morsel['secure'] will return 'foo'. Since such a value doesn't round trip and never did (and would be a surprising occurrence) a subsequent non-bug-fix patch may change this behavior. Inspired by a patch from Julien Phalip, who reviewed this one.
* merge - Fix for issue14426 - buildbots here I comeSenthil Kumaran2012-05-201-1/+1
|\
| * Fix for issue14426 - buildbots here I comeSenthil Kumaran2012-05-201-1/+1
| |
* | Issue #14426: Correct the Date format in Expires attribute of Set-Cookie. ↵Senthil Kumaran2012-05-201-1/+1
|\ \ | |/ | | | | Patch by Federico Reghenzani and Müte Invert
| * Issue #14426: Correct the Date format in Expires attribute of Set-Cookie. ↵Senthil Kumaran2012-05-201-1/+1
| | | | | | | | Patch by Federico Reghenzani and Müte Invert
* | Fix Issue2193 - Allow ":" character in Cookie NAME valuesSenthil Kumaran2012-04-221-1/+1
|/
* #9824: encode , and ; in cookie values so that browsers don't split on themR. David Murray2010-12-281-0/+5
| | | | | | | | There is a small chance of backward incompatibility here, but only for non-SimpleCookie applications reading SimpleCookie generated cookies. Even then, any such ap is likely to be handling escaped values already, and it would take a fairly perverse implementation of unescaping to fail to unescape these newly escaped chars, so the risk seems minimal.
* #1513299: cleanup some map() uses where a comprehension works better.Georg Brandl2010-12-041-1/+1
|
* #8826: the "expires" attribute value is a date string with spaces, but ↵Georg Brandl2010-08-011-0/+2
| | | | apparently not all user-agents put it in quotes. Handle that as a special case.
* #3788: more tests for http.cookies, now at 95% coverage. Also bring coding ↵Georg Brandl2010-07-311-110/+103
| | | | style in the module up to PEP 8, where it does not break backwards compatibility.
* convert shebang lines: python -> python3Benjamin Peterson2010-03-111-1/+1
|
* Merged revisions ↵Benjamin Peterson2009-09-111-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 74277,74321,74323,74326,74355,74465,74467,74488,74492,74513,74531,74549,74553,74625,74632,74643-74644,74647,74652,74666,74671,74727,74739 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r74277 | sean.reifschneider | 2009-08-01 18:54:55 -0500 (Sat, 01 Aug 2009) | 3 lines - Issue #6624: yArg_ParseTuple with "s" format when parsing argument with NUL: Bogus TypeError detail string. ........ r74321 | guilherme.polo | 2009-08-05 11:51:41 -0500 (Wed, 05 Aug 2009) | 1 line Easier reference to find (at least while svn continues being used). ........ r74323 | guilherme.polo | 2009-08-05 18:48:26 -0500 (Wed, 05 Aug 2009) | 1 line Typo. ........ r74326 | jesse.noller | 2009-08-05 21:05:56 -0500 (Wed, 05 Aug 2009) | 1 line Fix issue 4660: spurious task_done errors in multiprocessing, remove doc note for from_address ........ r74355 | gregory.p.smith | 2009-08-12 12:02:37 -0500 (Wed, 12 Aug 2009) | 2 lines comment typo fix ........ r74465 | vinay.sajip | 2009-08-15 18:23:12 -0500 (Sat, 15 Aug 2009) | 1 line Added section on logging to one file from multiple processes. ........ r74467 | vinay.sajip | 2009-08-15 18:34:47 -0500 (Sat, 15 Aug 2009) | 1 line Refined section on logging to one file from multiple processes. ........ r74488 | vinay.sajip | 2009-08-17 08:14:37 -0500 (Mon, 17 Aug 2009) | 1 line Further refined section on logging to one file from multiple processes. ........ r74492 | r.david.murray | 2009-08-17 14:26:49 -0500 (Mon, 17 Aug 2009) | 2 lines Issue 6685: 'toupper' -> 'upper' in cgi doc example explanation. ........ r74513 | skip.montanaro | 2009-08-18 09:37:52 -0500 (Tue, 18 Aug 2009) | 1 line missing module ref (issue6723) ........ r74531 | vinay.sajip | 2009-08-20 17:04:32 -0500 (Thu, 20 Aug 2009) | 1 line Added section on exceptions raised during logging. ........ r74549 | benjamin.peterson | 2009-08-24 12:42:36 -0500 (Mon, 24 Aug 2009) | 1 line fix pdf building by teaching latex the right encoding package ........ r74553 | r.david.murray | 2009-08-26 20:04:59 -0500 (Wed, 26 Aug 2009) | 2 lines Remove leftover text from end of sentence. ........ r74625 | benjamin.peterson | 2009-09-01 17:27:57 -0500 (Tue, 01 Sep 2009) | 1 line remove the check that classmethod's argument is a callable ........ r74632 | georg.brandl | 2009-09-03 02:27:26 -0500 (Thu, 03 Sep 2009) | 1 line #6828: fix wrongly highlighted blocks. ........ r74643 | georg.brandl | 2009-09-04 01:59:20 -0500 (Fri, 04 Sep 2009) | 2 lines Issue #2666: Handle BROWSER environment variable properly for unknown browser names in the webbrowser module. ........ r74644 | georg.brandl | 2009-09-04 02:55:14 -0500 (Fri, 04 Sep 2009) | 1 line #5047: remove Monterey support from configure. ........ r74647 | georg.brandl | 2009-09-04 03:17:04 -0500 (Fri, 04 Sep 2009) | 2 lines Issue #5275: In Cookie's Cookie.load(), properly handle non-string arguments as documented. ........ r74652 | georg.brandl | 2009-09-04 06:25:37 -0500 (Fri, 04 Sep 2009) | 1 line #6756: add some info about the "acct" parameter. ........ r74666 | georg.brandl | 2009-09-05 04:04:09 -0500 (Sat, 05 Sep 2009) | 1 line #6841: remove duplicated word. ........ r74671 | georg.brandl | 2009-09-05 11:47:17 -0500 (Sat, 05 Sep 2009) | 1 line #6843: add link from filterwarnings to where the meaning of the arguments is covered. ........ r74727 | benjamin.peterson | 2009-09-08 18:04:22 -0500 (Tue, 08 Sep 2009) | 1 line #6865 fix ref counting in initialization of pwd module ........ r74739 | georg.brandl | 2009-09-11 02:55:20 -0500 (Fri, 11 Sep 2009) | 1 line Move function back to its section. ........
* Turn some comments into docstrings.Georg Brandl2009-09-041-20/+16
|
* Remove pseudo-end markers from http.cookies.Georg Brandl2009-09-041-22/+1
|
* Fixing the issue4860. Escaping the embedded '"' in the js_output method of ↵Senthil Kumaran2009-04-021-1/+1
| | | | Morsel class.
* Merged revisions 66262 via svnmerge fromBenjamin Peterson2008-09-061-0/+6
| | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/trunk ........ r66262 | benjamin.peterson | 2008-09-06 14:28:11 -0500 (Sat, 06 Sep 2008) | 4 lines #1638033: add support for httponly on Cookie.Morsel Reviewer: Benjamin ........
* #2834: Change re module semantics, so that str and bytes mixing is forbidden,Antoine Pitrou2008-08-191-1/+1
| | | | | and str (unicode) patterns get full unicode matching by default. The re.ASCII flag is also introduced to ask for ASCII matching instead.
* Remove deprecated SmartCookie and SerialCookie classes.Georg Brandl2008-05-281-153/+8
|
* Create http package. #2883.Georg Brandl2008-05-261-0/+733
generated by cgit v0.12 at 2024-10-19 20:05:08 (GMT)