This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author julien.phalip
Recipients eric.araujo, ezio.melotti, flox, jdennis, julien.phalip, r.david.murray
Date 2013-07-18.09:47:12
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
I'm attaching a suggested patch to fix the issues relating to serializing/deserializing the httponly and secure flags. The main idea is that for a flag to be active, it needs to both be set and have the True value.

I think this is a much more correct and saner approach than the current implementation. As it's been discussed previously, currently the httponly and secure flag are systematically given the empty string as default value when instantiating a Morsel object. So one would infer that the empty string means that the flags are inactive. However, when deserializing a Morsel object, the empty string is used to indicate that a flag is active. Both behaviors contradict each other.

While the suggested change is backwards-incompatible, it would break the code of developers relying on an inconsistent behavior. So perhaps this might be compelling enough to allow breaking backwards compatibility in this case.

Let me know what you think. Thanks!
Date User Action Args
2013-07-18 09:47:14julien.phalipsetrecipients: + julien.phalip, ezio.melotti, eric.araujo, r.david.murray, flox, jdennis
2013-07-18 09:47:13julien.phalipsetmessageid: <>
2013-07-18 09:47:13julien.phaliplinkissue16611 messages
2013-07-18 09:47:13julien.phalipcreate