Message 271901 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	Artur Smęt
Recipients	Artur Smęt
Date	2016-08-03.12:22:28
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1470226948.72.0.0645301470223.issue27674@psf.upfronthosting.co.za>
In-reply-to

Content
The problem is similar to https://bugs.python.org/issue22931 with square brackets in cookie values. Incorrect value is serialized JSON in this case, for example: >>> from Cookie import SimpleCookie >>> cookie = SimpleCookie() >>> cookie.load('a=b; c={"somekey":"value"}; d=e, f=g, some=other') >>> cookie.output() 'Set-Cookie: a=b' >>> From my tests I figured out that quote mark (") is causing problems. In fact, according to HTTP specification, cookies can't be JSON objects, but I think that python library shouldn't silently allow incorrect values. Probably incorrect cookies should be skipped, or some exception should be thrown there.

The problem is similar to https://bugs.python.org/issue22931 with square brackets in cookie values.
Incorrect value is serialized JSON in this case, for example:

>>> from Cookie import SimpleCookie
>>> cookie = SimpleCookie()
>>> cookie.load('a=b; c={"somekey":"value"}; d=e, f=g, some=other')
>>> cookie.output()
'Set-Cookie: a=b'
>>> 

From my tests I figured out that quote mark (") is causing problems.

In fact, according to HTTP specification, cookies can't be JSON objects, but I think that python library shouldn't silently allow incorrect values. Probably incorrect cookies should be skipped, or some exception should be thrown there.

History
Date	User	Action	Args
2016-08-03 12:22:28	Artur Smęt	set	recipients: + Artur Smęt
2016-08-03 12:22:28	Artur Smęt	set	messageid: <1470226948.72.0.0645301470223.issue27674@psf.upfronthosting.co.za>
2016-08-03 12:22:28	Artur Smęt	link	issue27674 messages
2016-08-03 12:22:28	Artur Smęt	create