[mod_python] return type of parse method of class SignedCookie

Jim Gallacher jpg at jgassociates.ca
Fri Jun 23 17:22:22 EDT 2006


Daniel Nogradi wrote:
> I'm slightly confused about the return type of the parse method of
> SignedCookie and the way one should check if the cookie was signed
> correctly. Cookie.py defines the parse method as
> 
> class SignedCookie(Cookie):
>    ....
>    def parse(Class, s, secret):
> 
>        dict = _parse_cookie(s, Class)
>        ....
>        return dict
> 
> and the function _parse_cookie is defined something like
> 
> def _parse_cookie(str, Class):
>    ....
>    result = {}
>    ....
>    return result
> 
> so it seems to me that the return type of the parse method of
> SignedCookie is dict so I don't really know what to make of the docs
> saying
> 
>  Note: Always check the types of objects returned by
> SignedCookie.parse().If it is an instance
>  of Cookie (as opposed to SignedCookie), the signature verification has
> failed:
> 
>  # assume spam is supposed to be a signed cookie
>  if type(spam) is not Cookie.SignedCookie:
>      # do something that indicates cookie isn't signed correctly
> 
> Isn't the return type always dict and never Cookie.SignedCookie? Or am
> I misunderstanding something somewhere?

The documentation for SignedCookie.parse is a little misleading (or
maybe it's just completely wrong). Take a look at the description for
Cookie.parse() which is a little clearer:

"""
parse(string)

This method returns a dictionary of Cookie instances, not a single
Cookie instance.

Here is an example of getting a single Cookie instance:

mycookies = Cookie.parse("spam=eggs; expires=Sat, 14-Jun-2003 02:42:36 GMT")
spamcookie = mycookies["spam"]
"""

So for SignedCookie, you would test spamcookie rather that mycookies.


Jim


More information about the Mod_python mailing list