Code

#18908 closed Uncategorized (duplicate)

Can't set multiple cookies with the same name but different domains/paths

Reported by: ludwig.haehne Owned by: nobody
Component: HTTP handling Version: master
Severity: Normal Keywords: cookie
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

There is no way to set cookies with the same name for multiple domains or paths in the same response.

The following code only sets the second cookie:

response.set_cookie("alice", "123", domain='sub.example.com')
response.set_cookie("alice", "456", domain='example.com')

It makes sense because Django uses a dictionary for storing cookies:

self.cookies[key] = value

Therefore, Django cannot set multiple cookies with the same name but different domains or paths in the same response. RFC2965 is not completely clear if this should be possible but this article http://www.nczonline.net/blog/2009/05/05/http-cookies-explained/ suggests that it should be:

This cookie has four identifying characteristics: the cookie name, the domain, the path, and the secure flag. In order to change the value of this cookie in the future, another Set-Cookie header must be sent using the same cookie name, domain, and path.

This issue was brought up on Stackoverflow.

Attachments (0)

Change History (1)

comment:1 Changed 19 months ago by ludwig.haehne

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to duplicate
  • Status changed from new to closed

Add Comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
as The resolution will be set. Next status will be 'closed'
The resolution will be deleted. Next status will be 'new'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.