cpython

mirror of https://github.com/python/cpython.git synced 2025-10-31 13:41:24 +00:00

Author	SHA1	Message	Date
Berker Peksag	d5a2377c3d	bpo-991266: Fix quoting of Comment attribute of SimpleCookie (GH-6555)	2018-04-23 02:48:11 +03:00
Alex Gaynor	afbbac12a5	Removed a confusing line from a docstring in http.cookies (GH-6482) There's no reason a cookie should _ever_ contain pickled data. That's just asking for a critical security vulnerability. Back in Python2 there were helpers for doing that, but they're no more in Python3. Now coded_value is used when the value needs to be encoded for any reason.	2018-04-15 17:23:47 -04:00
Alex Gaynor	c87eb09d2e	bpo-29613: Added support for SameSite cookies (GH-6413) * bpo-29613: Added support for SameSite cookies Implemented as per draft https://tools.ietf.org/html/draft-west-first-party-cookies-07 * Documented SameSite And suggestions by members. * Missing space :( * Updated News and contributors * Added version changed details. * Fix in documentation * fix in documentation * Clubbed test cases for same attribute into single. * Updates * Style nits + expand tests * review feedback	2018-04-07 16:09:42 -04:00
Serhiy Storchaka	cc283378d6	Issue #29192 : Removed deprecated features in the http.cookies module.	2017-01-13 09:23:15 +02:00
Serhiy Storchaka	bd48d27944	Issue #22493 : Inline flags now should be used only at the start of the regular expression. Deprecation warning is emitted if uses them in the middle of the regular expression.	2016-09-11 12:50:02 +03:00
R David Murray	44b548dda8	#27364 : fix "incorrect" uses of escape character in the stdlib. And most of the tools. Patch by Emanual Barry, reviewed by me, Serhiy Storchaka, and Martin Panter.	2016-09-08 13:59:53 -04:00
Martin Panter	46f50726a0	Issue #27076 : Doc, comment and tests spelling fixes Most fixes to Doc/ and Lib/ directories by Ville Skyttä.	2016-05-26 05:35:26 +00:00
Anish Shah	102d813b55	Issue #26302 : Correctly identify comma as an invalid character for a cookie (correcting regression in Python 3.5).	2016-02-07 05:36:00 +05:00
Benjamin Peterson	5a69420062	merge 3.4 (#22931 )	2015-05-23 10:41:30 -05:00
Benjamin Peterson	c4ae86e477	merge 3.3 (#22931 )	2015-05-23 10:40:47 -05:00
Benjamin Peterson	d504f20e1c	merge 3.2 (#22931 )	2015-05-23 10:38:48 -05:00
Benjamin Peterson	9bd476ea57	allow square brackets in cookie values (closes #22931 )	2015-05-23 10:36:48 -05:00
R David Murray	1813c1701f	#2211 : properly document the Morsel behavior changes. Also deprecate the undocumented set argument instead of removing it already in 3.5. Initial patch by Demian Brecht.	2015-03-29 17:09:21 -04:00
Serhiy Storchaka	6c32585f67	Restored backward compatibility of pickling http.cookies.Morsel. It was broken after converting instance attributes to properies in issue #2211.	2015-03-18 18:03:40 +02:00
Serhiy Storchaka	9c1a9b2657	Issue #2211 : Updated the implementation of the http.cookies.Morsel class. Setting attributes key, value and coded_value directly now is deprecated. update() and setdefault() now transform and check keys. Comparing for equality now takes into account attributes key, value and coded_value. copy() now returns a Morsel, not a dict. repr() now contains all attributes. Optimized checking keys and quoting values. Added new tests. Original patch by Demian Brecht.	2015-03-18 10:59:57 +02:00
Benjamin Peterson	5b883296f6	merge 3.4 (#22986 )	2015-01-16 20:46:37 -05:00
Benjamin Peterson	bd341629b0	capitialize "HttpOnly" and "Secure" as they appear in the standard and other impls (closes #23250 ) Patch by Jon Dufresne.	2015-01-16 20:43:55 -05:00
Antoine Pitrou	b1e36073cd	Issue #22796 : HTTP cookie parsing is now stricter, in order to protect against potential injection attacks.	2014-11-21 01:20:57 +01:00
Serhiy Storchaka	8cf7c1cff0	Issue #22775 : Fixed unpickling of http.cookies.SimpleCookie with protocol 2 and above. Patch by Tim Graham.	2014-11-02 22:18:25 +02:00
Antoine Pitrou	7d0b8f95e7	Lax cookie parsing in http.cookies could be a security issue when combined with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov.	2014-09-17 00:23:55 +02:00
Antoine Pitrou	dad182c16e	Lax cookie parsing in http.cookies could be a security issue when combined with non-standard cookie handling in some Web browsers. Reported by Sergey Bobrov.	2014-09-17 00:23:55 +02:00
Serhiy Storchaka	b992a0e102	Issue #19936 : Added executable bits or shebang lines to Python scripts which requires them. Disable executable bits and shebang lines in test and benchmark files in order to prevent using a random system python, and in source files of modules which don't provide command line interface. Fixed shebang line to use python3 executable in the unittestgui script.	2014-01-16 17:15:49 +02:00
R David Murray	cd0f74b1e0	#16611 : BaseCookie now parses 'secure' and 'httponly' flags. Previously it generated them if they were given a value, but completely ignored them if they were present in the string passed in to be parsed. Now if the flag appears on a cookie, the corresponding Morsel key will reference a True value. Other pre-existing behavior is retained in this maintenance patch: if the source contains something like 'secure=foo', morsel['secure'] will return 'foo'. Since such a value doesn't round trip and never did (and would be a surprising occurrence) a subsequent non-bug-fix patch may change this behavior. Inspired by a patch from Julien Phalip, who reviewed this one.	2013-08-25 11:09:02 -04:00
Senthil Kumaran	185f401308	merge - Fix for issue14426 - buildbots here I come	2012-05-20 16:58:59 +08:00
Senthil Kumaran	aeeba2629a	Fix for issue14426 - buildbots here I come	2012-05-20 16:58:30 +08:00
Senthil Kumaran	0b943a18ef	Issue #14426 : Correct the Date format in Expires attribute of Set-Cookie. Patch by Federico Reghenzani and Müte Invert	2012-05-20 12:06:51 +08:00
Senthil Kumaran	00c2ec282e	Issue #14426 : Correct the Date format in Expires attribute of Set-Cookie. Patch by Federico Reghenzani and Müte Invert	2012-05-20 12:05:16 +08:00
Senthil Kumaran	3a441c1bed	Fix Issue2193 - Allow ":" character in Cookie NAME values	2012-04-22 09:19:04 +08:00
R. David Murray	e05ca2aff4	#9824 : encode , and ; in cookie values so that browsers don't split on them There is a small chance of backward incompatibility here, but only for non-SimpleCookie applications reading SimpleCookie generated cookies. Even then, any such ap is likely to be handling escaped values already, and it would take a fairly perverse implementation of unescaping to fail to unescape these newly escaped chars, so the risk seems minimal.	2010-12-28 18:54:13 +00:00
Georg Brandl	cbd2ab1311	#1513299 : cleanup some map() uses where a comprehension works better.	2010-12-04 10:39:14 +00:00
Georg Brandl	b16e38b825	#8826 : the "expires" attribute value is a date string with spaces, but apparently not all user-agents put it in quotes. Handle that as a special case.	2010-08-01 09:06:34 +00:00
Georg Brandl	76e155a157	#3788 : more tests for http.cookies, now at 95% coverage. Also bring coding style in the module up to PEP 8, where it does not break backwards compatibility.	2010-07-31 21:04:00 +00:00
Benjamin Peterson	90f5ba538b	convert shebang lines: python -> python3	2010-03-11 22:53:45 +00:00
Benjamin Peterson	8719ad5dde	Merged revisions 74277,74321,74323,74326,74355,74465,74467,74488,74492,74513,74531,74549,74553,74625,74632,74643-74644,74647,74652,74666,74671,74727,74739 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r74277 \| sean.reifschneider \| 2009-08-01 18:54:55 -0500 (Sat, 01 Aug 2009) \| 3 lines - Issue #6624: yArg_ParseTuple with "s" format when parsing argument with NUL: Bogus TypeError detail string. ........ r74321 \| guilherme.polo \| 2009-08-05 11:51:41 -0500 (Wed, 05 Aug 2009) \| 1 line Easier reference to find (at least while svn continues being used). ........ r74323 \| guilherme.polo \| 2009-08-05 18:48:26 -0500 (Wed, 05 Aug 2009) \| 1 line Typo. ........ r74326 \| jesse.noller \| 2009-08-05 21:05:56 -0500 (Wed, 05 Aug 2009) \| 1 line Fix issue 4660: spurious task_done errors in multiprocessing, remove doc note for from_address ........ r74355 \| gregory.p.smith \| 2009-08-12 12:02:37 -0500 (Wed, 12 Aug 2009) \| 2 lines comment typo fix ........ r74465 \| vinay.sajip \| 2009-08-15 18:23:12 -0500 (Sat, 15 Aug 2009) \| 1 line Added section on logging to one file from multiple processes. ........ r74467 \| vinay.sajip \| 2009-08-15 18:34:47 -0500 (Sat, 15 Aug 2009) \| 1 line Refined section on logging to one file from multiple processes. ........ r74488 \| vinay.sajip \| 2009-08-17 08:14:37 -0500 (Mon, 17 Aug 2009) \| 1 line Further refined section on logging to one file from multiple processes. ........ r74492 \| r.david.murray \| 2009-08-17 14:26:49 -0500 (Mon, 17 Aug 2009) \| 2 lines Issue 6685: 'toupper' -> 'upper' in cgi doc example explanation. ........ r74513 \| skip.montanaro \| 2009-08-18 09:37:52 -0500 (Tue, 18 Aug 2009) \| 1 line missing module ref (issue6723) ........ r74531 \| vinay.sajip \| 2009-08-20 17:04:32 -0500 (Thu, 20 Aug 2009) \| 1 line Added section on exceptions raised during logging. ........ r74549 \| benjamin.peterson \| 2009-08-24 12:42:36 -0500 (Mon, 24 Aug 2009) \| 1 line fix pdf building by teaching latex the right encoding package ........ r74553 \| r.david.murray \| 2009-08-26 20:04:59 -0500 (Wed, 26 Aug 2009) \| 2 lines Remove leftover text from end of sentence. ........ r74625 \| benjamin.peterson \| 2009-09-01 17:27:57 -0500 (Tue, 01 Sep 2009) \| 1 line remove the check that classmethod's argument is a callable ........ r74632 \| georg.brandl \| 2009-09-03 02:27:26 -0500 (Thu, 03 Sep 2009) \| 1 line #6828: fix wrongly highlighted blocks. ........ r74643 \| georg.brandl \| 2009-09-04 01:59:20 -0500 (Fri, 04 Sep 2009) \| 2 lines Issue #2666: Handle BROWSER environment variable properly for unknown browser names in the webbrowser module. ........ r74644 \| georg.brandl \| 2009-09-04 02:55:14 -0500 (Fri, 04 Sep 2009) \| 1 line #5047: remove Monterey support from configure. ........ r74647 \| georg.brandl \| 2009-09-04 03:17:04 -0500 (Fri, 04 Sep 2009) \| 2 lines Issue #5275: In Cookie's Cookie.load(), properly handle non-string arguments as documented. ........ r74652 \| georg.brandl \| 2009-09-04 06:25:37 -0500 (Fri, 04 Sep 2009) \| 1 line #6756: add some info about the "acct" parameter. ........ r74666 \| georg.brandl \| 2009-09-05 04:04:09 -0500 (Sat, 05 Sep 2009) \| 1 line #6841: remove duplicated word. ........ r74671 \| georg.brandl \| 2009-09-05 11:47:17 -0500 (Sat, 05 Sep 2009) \| 1 line #6843: add link from filterwarnings to where the meaning of the arguments is covered. ........ r74727 \| benjamin.peterson \| 2009-09-08 18:04:22 -0500 (Tue, 08 Sep 2009) \| 1 line #6865 fix ref counting in initialization of pwd module ........ r74739 \| georg.brandl \| 2009-09-11 02:55:20 -0500 (Fri, 11 Sep 2009) \| 1 line Move function back to its section. ........	2009-09-11 22:24:02 +00:00
Georg Brandl	9cf32a12a1	Turn some comments into docstrings.	2009-09-04 08:28:01 +00:00
Georg Brandl	4eff9f7ff7	Remove pseudo-end markers from http.cookies.	2009-09-04 08:22:00 +00:00
Senthil Kumaran	3e2ea79bda	Fixing the issue4860. Escaping the embedded '"' in the js_output method of Morsel class.	2009-04-02 03:02:03 +00:00
Benjamin Peterson	35e661c711	Merged revisions 66262 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r66262 \| benjamin.peterson \| 2008-09-06 14:28:11 -0500 (Sat, 06 Sep 2008) \| 4 lines #1638033: add support for httponly on Cookie.Morsel Reviewer: Benjamin ........	2008-09-06 19:37:35 +00:00
Antoine Pitrou	fd036451bf	#2834 : Change re module semantics, so that str and bytes mixing is forbidden, and str (unicode) patterns get full unicode matching by default. The re.ASCII flag is also introduced to ask for ASCII matching instead.	2008-08-19 17:56:33 +00:00
Georg Brandl	6101395e74	Remove deprecated SmartCookie and SerialCookie classes.	2008-05-28 15:56:30 +00:00
Georg Brandl	2442015af2	Create http package. #2883 .	2008-05-26 16:32:26 +00:00

41 commits