Opened 12 years ago

Last modified 11 years ago

#18403 closed Bug

Issue with redefined SimpleCookie with invalid cookie name — at Initial Version

Reported by: Stefano Crosta <stefano@…> Owned by: nobody
Component: HTTP handling Version: 1.4
Severity: Normal Keywords: cookie
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

To provoke the error:

from django.http import HttpResponse
response= HttpResponse()
response.set_cookie("a:.b/",1)

AttributeError: 'SimpleCookie' object has no attribute 'bad_cookies'

with a python version that does not accept colons (":") in the cookie name.

Django http/init.py redefines the SimpleCookie, and initializes bad_cookies in a method load(self, rawdata) that does not seem to be called in this case.

Beside the obvious fact that the cookie name is totally invalid, it looks like bad_cookies is not correctly initialized (I wouldn't mind an error, but a real one!)

Or am I using set_cookie uncorrectly here?

Change History (0)

Note: See TracTickets for help on using tickets.
Back to Top