]> granicus.if.org Git - python/commit
projects / python / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8aa7e99) | patch
#9824: encode , and ; in cookie values so that browsers don't split on them
authorR. David Murray <rdmurray@bitdance.com>
Tue, 28 Dec 2010 18:54:13 +0000 (18:54 +0000)
committerR. David Murray <rdmurray@bitdance.com>
Tue, 28 Dec 2010 18:54:13 +0000 (18:54 +0000)
commite05ca2aff4e7e3da133c2a2410e7d2c9bb3c1d12
tree5acbe67bba3c5dd2f939c9a45179207f8e903ff2tree | snapshot
parent8aa7e999b5ab87cdbefe441649c223647875c110commit | diff
#9824: encode , and ; in cookie values so that browsers don't split on them

There is a small chance of backward incompatibility here, but only for
non-SimpleCookie applications reading SimpleCookie generated cookies.  Even
then, any such ap is likely to be handling escaped values already, and it would
take a fairly perverse implementation of unescaping to fail to unescape these
newly escaped chars, so the risk seems minimal.
Lib/http/cookies.py diff | blob | history
Lib/test/test_http_cookies.py diff | blob | history
Misc/NEWS diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.