Opened 5 years ago

Closed 5 years ago

#23730 closed Bug (fixed)

Incorrect reliance on SimpleCookie roundtripping

Reported by: Tim Graham Owned by: Tim Graham
Component: HTTP handling Version: master
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

From Georg Brandl on the Python bug tracker:

"Django uses __init__(str()) roundtripping, which is not explicitly supported by the [SimpleCookie] library, and worked by accident with previous versions. That it works again with 3.3+ is another accident, and a bug."

If Python fixes this "bug", we'll need to backport a fix to all supported versions of Django. I'm working a patch using the solution suggested by Georg on the ticket.

Change History (4)

comment:1 Changed 5 years ago by Tim Graham

Has patch: set

PR. As this patch merely moves our workaround for a bug in Python (that SimpleCookie is not pickable with HIGHEST_PROTOCOL), I also created an issue and submitted a patch for Python itself.

comment:2 Changed 5 years ago by Tim Graham

The Python ticket to introduce stricter parsing is #22796. Django's test suite is broken by the patch proposed on the Python ticket but passes once again with my pull request.

comment:3 Changed 5 years ago by Tim Graham

Severity: Release blockerNormal
Version: 1.6master

It doesn't look like the Python fix will be backported, so this isn't so urgent. It will be necessary for Python 3.5 compatibility (#23763).

comment:4 Changed 5 years ago by Tim Graham <timograham@…>

Resolution: fixed
Status: newclosed

In 42b5e4feeacf7cfa57867bf9fd5a6046de8c1cd3:

Fixed #23730 -- Moved support for SimpleCookie HIGHEST_PROTOCOL pickling to http.cookie.

This fix is necessary for Python 3.5 compatibility (refs #23763).

Thanks Berker Peksag for review.

Note: See TracTickets for help on using tickets.
Back to Top