Opened 17 years ago
Closed 17 years ago
#5562 closed (fixed)
delete_cookie function in HttpResponse should set 'expires' to a time string, not 0
Reported by: | Owned by: | nobody | |
---|---|---|---|
Component: | HTTP handling | Version: | dev |
Severity: | Keywords: | ||
Cc: | Triage Stage: | Ready for checkin | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
- In this function,
self.cookies[key]['expires'] = 0
- Here the expire time set to a number, but it should set to a time string. The browser can't set the expire time for this cookie, so it will not be removed.I just set the expires time to a GMT beginning time string, and it works correct.
self.cookies[key]['expires'] = "Thu 1-Jan-1970 00:00:00 GMT"
Attachments (2)
Change History (7)
by , 17 years ago
Attachment: | delete_cookie.patch added |
---|
by , 17 years ago
Attachment: | 5562.patch added |
---|
comment:1 by , 17 years ago
Summary: | delete_cookie function in HttpResponse object doesn't work. → delete_cookie function in HttpResponse should set 'expires' to a time string, not 0 |
---|---|
Triage Stage: | Unreviewed → Ready for checkin |
follow-up: 3 comment:2 by , 17 years ago
- I have figured out that my patch couldn't display when I click the link of the patch but yours can. I want to know how can I make a patch like yours.
comment:3 by , 17 years ago
Replying to ljpsfree <caifen1985@gmail.com>:
- I have figured out that my patch couldn't display when I click the link of the patch but yours can. I want to know how can I make a patch like yours.
From the contributing documentation page:
When creating patches, always run svn diff
from the top-level trunk
directory — i.e., the one that contains django
, docs
, tests
, AUTHORS
, etc. This makes it easy for other people to apply your patches.
comment:4 by , 17 years ago
So, I'll note in passing that any browser who can't handle our current behaviour is broken,since the HTTP spec says that a value such as "0" (anything not a valid date) MUST be treated as in the past. Still, as Mark Nottingham has discovered, spec compliance in this area is poor, so we'll fix this.
comment:5 by , 17 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |