Django

Code

Ticket #5562 (closed: fixed)

Opened 1 year ago

Last modified 1 year ago

delete_cookie function in HttpResponse should set 'expires' to a time string, not 0

Reported by: ljpsfree <caifen1985@gmail.com> Assigned to: nobody
Milestone: Component: HTTP handling
Version: SVN Keywords:
Cc: Triage Stage: Ready for checkin
Has patch: 1 Needs documentation: 0
Needs tests: 0 Patch needs improvement: 0

Description

  • In this function, 
       self.cookies[key]['expires'] = 0
  • Here the expire time set to a number, but it should set to a time string. The browser can't set the expire time for this cookie, so it will not be removed.I just set the expires time to a GMT beginning time string, and it works correct. 
      self.cookies[key]['expires'] = "Thu 1-Jan-1970 00:00:00 GMT"

Attachments

delete_cookie.patch (126 bytes) - added by ljpsfree <caifen1985@gmail.com> on 09/20/07 22:28:11.
5562.patch (0.8 kB) - added by SmileyChris on 10/16/07 19:16:06.

Change History

09/20/07 22:28:11 changed by ljpsfree <caifen1985@gmail.com>

  • attachment delete_cookie.patch added.

10/16/07 19:16:06 changed by SmileyChris

  • attachment 5562.patch added.

10/16/07 19:17:27 changed by SmileyChris

  • needs_better_patch changed.
  • stage changed from Unreviewed to Ready for checkin.
  • summary changed from delete_cookie function in HttpResponse object doesn't work. to delete_cookie function in HttpResponse should set 'expires' to a time string, not 0.
  • needs_tests changed.
  • needs_docs changed.

(follow-up: ↓ 3 ) 10/17/07 01:29:17 changed by ljpsfree <caifen1985@gmail.com>

  • I have figured out that my patch couldn't display when I click the link of the patch but yours can. I want to know how can I make a patch like yours.

(in reply to: ↑ 2 ) 10/17/07 02:10:44 changed by SmileyChris

Replying to ljpsfree <caifen1985@gmail.com>:

* I have figured out that my patch couldn't display when I click the link of the patch but yours can. I want to know how can I make a patch like yours.

From the contributing documentation page: When creating patches, always run svn diff from the top-level trunk directory — i.e., the one that contains django, docs, tests, AUTHORS, etc. This makes it easy for other people to apply your patches.

10/20/07 01:59:40 changed by mtredinnick

So, I'll note in passing that any browser who can't handle our current behaviour is broken,since the HTTP spec says that a value such as "0" (anything not a valid date) MUST be treated as in the past. Still, as Mark Nottingham has discovered, spec compliance in this area is poor, so we'll fix this.

10/20/07 02:01:13 changed by mtredinnick

  • status changed from new to closed.
  • resolution set to fixed.

(In [6549]) Fixed #5562 -- Changed settings of Expires heading when expiring a cookie to work with non-compliant browsers (also removes a non-compliance feature of our own). Thanks, caifen1985@gmail.com and SmileyChris?.

Add/Change #5562 (delete_cookie function in HttpResponse should set 'expires' to a time string, not 0)




Change Properties
Action