#20557 closed Bug (fixed)
Mangled Cookies on Python 3
| Reported by: | Armin Ronacher | Owned by: | Aymeric Augustin |
|---|---|---|---|
| Component: | HTTP handling | Version: | 1.5 |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Accepted | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
The WSGI spec mangles the strings when they go into the environment. This not only affects QUERY_STRING, PATH_INFO and SCRIPT_NAME, it also affects headers that are not latin1. This for instance applies to the HTTP_COOKIE header. When you set a cookie named förmlich="nährhaft" with JavaScript, Django will give you a mangled value.
The correct solution on Python 3 is to encode it back to latin1 and decode it from utf-8 as browsers do.
Change History (7)
comment:1 by , 11 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
| Triage Stage: | Unreviewed → Accepted |
comment:2 by , 11 years ago
I just noticed that the stdlib module has some issues with unicode on Python 3. I am going to investigate how I'm going to solve this in Werkzeug and will link you the solution once I have one.
comment:3 by , 11 years ago
This is the solution I ended up with in Werkzeug for the time being: https://github.com/mitsuhiko/werkzeug/commit/cf048aad79faa4675f8d90ab57928dc3e09808cb
comment:4 by , 11 years ago
| Type: | Uncategorized → Bug |
|---|
We reached roughly the same conclusion; we just piled hacks upon hacks instead of rewriting the whole thing like you did...
comment:5 by , 11 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Agreed, that's what Django should do.
(I don't remember how this works currently.)