|
Jim Gallacher
jpg at jgassociates.ca
Fri Jun 23 17:22:22 EDT 2006
Daniel Nogradi wrote:
> I'm slightly confused about the return type of the parse method of
> SignedCookie and the way one should check if the cookie was signed
> correctly. Cookie.py defines the parse method as
>
> class SignedCookie(Cookie):
> ....
> def parse(Class, s, secret):
>
> dict = _parse_cookie(s, Class)
> ....
> return dict
>
> and the function _parse_cookie is defined something like
>
> def _parse_cookie(str, Class):
> ....
> result = {}
> ....
> return result
>
> so it seems to me that the return type of the parse method of
> SignedCookie is dict so I don't really know what to make of the docs
> saying
>
> Note: Always check the types of objects returned by
> SignedCookie.parse().If it is an instance
> of Cookie (as opposed to SignedCookie), the signature verification has
> failed:
>
> # assume spam is supposed to be a signed cookie
> if type(spam) is not Cookie.SignedCookie:
> # do something that indicates cookie isn't signed correctly
>
> Isn't the return type always dict and never Cookie.SignedCookie? Or am
> I misunderstanding something somewhere?
The documentation for SignedCookie.parse is a little misleading (or
maybe it's just completely wrong). Take a look at the description for
Cookie.parse() which is a little clearer:
"""
parse(string)
This method returns a dictionary of Cookie instances, not a single
Cookie instance.
Here is an example of getting a single Cookie instance:
mycookies = Cookie.parse("spam=eggs; expires=Sat, 14-Jun-2003 02:42:36 GMT")
spamcookie = mycookies["spam"]
"""
So for SignedCookie, you would test spamcookie rather that mycookies.
Jim
|