Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Issue #29192: Removed deprecated features in the http.cookies module. | Serhiy Storchaka | 2017-01-13 | 1 | -15/+7 |
| | |||||
* | Issue #26302: Correctly identify comma as an invalid character for a cookie ↵ | Anish Shah | 2016-02-07 | 1 | -0/+6 |
| | | | | (correcting regression in Python 3.5). | ||||
* | merge 3.4 (#22931) | Benjamin Peterson | 2015-05-23 | 1 | -8/+205 |
|\ | |||||
| * | #2211: properly document the Morsel behavior changes. | R David Murray | 2015-03-29 | 1 | -0/+2 |
| | | | | | | | | | | | | | | Also deprecate the undocumented set argument instead of removing it already in 3.5. Initial patch by Demian Brecht. | ||||
| * | Restored backward compatibility of pickling http.cookies.Morsel. It was | Serhiy Storchaka | 2015-03-18 | 1 | -0/+20 |
| | | | | | | | | broken after converting instance attributes to properies in issue #2211. | ||||
| * | Issue #2211: Updated the implementation of the http.cookies.Morsel class. | Serhiy Storchaka | 2015-03-18 | 1 | -0/+179 |
| | | | | | | | | | | | | | | | | | | Setting attributes key, value and coded_value directly now is deprecated. update() and setdefault() now transform and check keys. Comparing for equality now takes into account attributes key, value and coded_value. copy() now returns a Morsel, not a dict. repr() now contains all attributes. Optimized checking keys and quoting values. Added new tests. Original patch by Demian Brecht. | ||||
| * | merge 3.4 (#22986) | Benjamin Peterson | 2015-01-16 | 1 | -8/+4 |
| |\ | |||||
| | * | Issue #22796: HTTP cookie parsing is now stricter, in order to protect ↵ | Antoine Pitrou | 2014-11-21 | 1 | -8/+4 |
| | | | | | | | | | | | | against potential injection attacks. | ||||
* | | | merge 3.3 (#22931) | Benjamin Peterson | 2015-05-23 | 1 | -3/+16 |
|\ \ \ | |/ / | |||||
| * | | capitialize "HttpOnly" and "Secure" as they appear in the standard and other ↵ | Benjamin Peterson | 2015-01-16 | 1 | -2/+2 |
| |/ | | | | | | | | | | | impls (closes #23250) Patch by Jon Dufresne. | ||||
| * | Issue #22775: Fixed unpickling of http.cookies.SimpleCookie with protocol 2 | Serhiy Storchaka | 2014-11-02 | 1 | -1/+14 |
| | | | | | | | | and above. Patch by Tim Graham. | ||||
* | | merge 3.2 (#22931) | Benjamin Peterson | 2015-05-23 | 1 | -0/+13 |
|\ \ | |/ |/| | |||||
| * | allow square brackets in cookie values (closes #22931) | Benjamin Peterson | 2015-05-23 | 1 | -0/+14 |
| | | |||||
| * | Lax cookie parsing in http.cookies could be a security issue when combined | Antoine Pitrou | 2014-09-17 | 1 | -0/+9 |
| | | | | | | | | | | | | with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov. | ||||
* | | Lax cookie parsing in http.cookies could be a security issue when combined | Antoine Pitrou | 2014-09-17 | 1 | -0/+9 |
| | | | | | | | | | | | | with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov. | ||||
* | | #16611: BaseCookie now parses 'secure' and 'httponly' flags. | R David Murray | 2013-08-25 | 1 | -1/+39 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | Previously it generated them if they were given a value, but completely ignored them if they were present in the string passed in to be parsed. Now if the flag appears on a cookie, the corresponding Morsel key will reference a True value. Other pre-existing behavior is retained in this maintenance patch: if the source contains something like 'secure=foo', morsel['secure'] will return 'foo'. Since such a value doesn't round trip and never did (and would be a surprising occurrence) a subsequent non-bug-fix patch may change this behavior. Inspired by a patch from Julien Phalip, who reviewed this one. | ||||
* | | Issue #14426: Correct the Date format in Expires attribute of Set-Cookie. ↵ | Senthil Kumaran | 2012-05-20 | 1 | -0/+9 |
|\ \ | |/ |/| | | | Patch by Federico Reghenzani and M?te Invert | ||||
| * | Fix Issue2193 - Allow ":" character in Cookie NAME values | Senthil Kumaran | 2012-04-22 | 1 | -0/+9 |
| | | |||||
* | | Issue #14426: Correct the Date format in Expires attribute of Set-Cookie. ↵ | Senthil Kumaran | 2012-05-20 | 1 | -4/+4 |
|/ | | | | Patch by Federico Reghenzani and M?te Invert | ||||
* | #9824: encode , and ; in cookie values so that browsers don't split on them | R. David Murray | 2010-12-28 | 1 | -0/+8 |
| | | | | | | | | There is a small chance of backward incompatibility here, but only for non-SimpleCookie applications reading SimpleCookie generated cookies. Even then, any such ap is likely to be handling escaped values already, and it would take a fairly perverse implementation of unescaping to fail to unescape these newly escaped chars, so the risk seems minimal. | ||||
* | #8826: the "expires" attribute value is a date string with spaces, but ↵ | Georg Brandl | 2010-08-01 | 1 | -0/+10 |
| | | | | apparently not all user-agents put it in quotes. Handle that as a special case. | ||||
* | #3788: more tests for http.cookies, now at 95% coverage. Also bring coding ↵ | Georg Brandl | 2010-07-31 | 1 | -17/+98 |
| | | | | style in the module up to PEP 8, where it does not break backwards compatibility. | ||||
* | Fix the warnings filter usage in test_http_cookies. | Brett Cannon | 2010-03-20 | 1 | -4/+11 |
| | |||||
* | Fixing the issue4860. Escaping the embedded '"' in the js_output method of ↵ | Senthil Kumaran | 2009-04-02 | 1 | -4/+4 |
| | | | | Morsel class. | ||||
* | Remove deprecated SmartCookie and SerialCookie classes. | Georg Brandl | 2008-05-28 | 1 | -1/+0 |
| | |||||
* | Create http package. #2883. | Georg Brandl | 2008-05-26 | 1 | -0/+82 |