Craig Warren
craig.warren at encorp.com
Thu Jan 13 11:23:03 EST 2005
I found an error while with Cookie module. When the cookie module parses a cookie, if that cooke has $Version or $Path in it you get an error. My cookie is coming from a java libaray, that puts $Version and $Path in it. example ="Cookie: $Version=0; pysid=34a9b38c34;$Path=/" RFC 2109 mentions $Version and $Path in Section 4.4 http://www.faqs.org/rfcs/rfc2109.html 4.4 How an Origin Server Interprets the Cookie Header A user agent returns much of the information in the Set-Cookie header to the origin server when the Path attribute matches that of a new request. When it receives a Cookie header, the origin server should treat cookies with NAMEs whose prefix is $ specially, as an attribute for the adjacent cookie. The value for such a NAME is to be interpreted as applying to the lexically (left-to-right) most recent cookie whose name does not have the $ prefix. If there is no previous cookie, the value applies to the cookie mechanism as a whole. For example, consider the cookie Cookie: $Version="1"; Customer="WILE_E_COYOTE"; $Path="/acme" $Version applies to the cookie mechanism as a whole (and gives the version number for the cookie mechanism). $Path is an attribute whose value (/acme) defines the Path attribute that was used when the Customer cookie was defined in a Set-Cookie response header. In Cookie.py it looks like the code was in place to deal with $Version and $Path, but not finished from _parse_cookie() line ~321 /*l_key = key.lower() if (l_key in valid or key[0] == '$'): # "internal" attribute, add to cookie if l_key == "max-age": l_key = "max_age" setattr(c, l_key, val) */ The above code checks for the $, but doesn't do anything with it and in fact when it tries to do a setattr with $Version or $Path, you get an error. I modified the function to be /*l_key = key.lower() if (l_key in valid or key[0] == '$'): # "internal" attribute, add to cookie if l_key == "max-age": l_key = "max_age" ** if key[0] == '$': l_key = l_key[1:] setattr(c, l_key, val)* / Don't know if this is exactly the correct fix, but it works for me and I thought that I would email the list. I tried to subscribe to python-dev at httpd.apache.org, but haven't gotten a response back yet, I CC this message to python-dev at httpd.apache.org also. Craig Warren -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mm_cfg_has_not_been_edited_to_set_host_domains/pipermail/mod_python/attachments/20050113/8c5309fd/attachment.html
|