| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
|
|
|
| |
* Add support for 'partitioned' attribute in http.cookies
Co-authored-by: Giles Copp <gilesc@dropbox.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
|
| |
|
|
|
|
|
| |
(#123405)
Co-authored-by: Wulian <1055917385@qq.com>
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
|
| |
|
|
|
|
| |
backslashes (GH-123075)
This fixes CVE-2024-7592.
|
| |
|
| |
Alo use load_tests() for adding tests.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* bpo-29613: Added support for SameSite cookies
Implemented as per draft
https://tools.ietf.org/html/draft-west-first-party-cookies-07
* Documented SameSite
And suggestions by members.
* Missing space :(
* Updated News and contributors
* Added version changed details.
* Fix in documentation
* fix in documentation
* Clubbed test cases for same attribute into single.
* Updates
* Style nits + expand tests
* review feedback
|
| |
|
| |
Make also minor PEP8 coding style fixes on modified imports.
|
| | |
|
| |
|
|
| |
(correcting regression in Python 3.5).
|
| |\ |
|
| | |\ |
|
| | | |\ |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
with non-standard cookie handling in some Web browsers.
Reported by Sergey Bobrov.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Also deprecate the undocumented set argument instead of removing
it already in 3.5.
Initial patch by Demian Brecht.
|
| | | | |
| | | |
| | | |
| | | | |
broken after converting instance attributes to properies in issue #2211.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Setting attributes key, value and coded_value directly now is deprecated.
update() and setdefault() now transform and check keys. Comparing for
equality now takes into account attributes key, value and coded_value.
copy() now returns a Morsel, not a dict. repr() now contains all attributes.
Optimized checking keys and quoting values. Added new tests.
Original patch by Demian Brecht.
|
| |\| | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
impls (closes #23250)
Patch by Jon Dufresne.
|
| |/ / /
| | |
| | |
| | | |
against potential injection attacks.
|
| |/ /
| |
| |
| | |
and above. Patch by Tim Graham.
|
| | |
| |
| |
| |
| |
| | |
with non-standard cookie handling in some Web browsers.
Reported by Sergey Bobrov.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously it generated them if they were given a value, but completely
ignored them if they were present in the string passed in to be parsed. Now
if the flag appears on a cookie, the corresponding Morsel key will reference a
True value. Other pre-existing behavior is retained in this maintenance
patch: if the source contains something like 'secure=foo', morsel['secure']
will return 'foo'. Since such a value doesn't round trip and never did (and
would be a surprising occurrence) a subsequent non-bug-fix patch may change
this behavior.
Inspired by a patch from Julien Phalip, who reviewed this one.
|
| |\|
| |
| |
| | |
Patch by Federico Reghenzani and Müte Invert
|
| | |
| |
| |
| | |
Patch by Federico Reghenzani and Müte Invert
|
| |/ |
|
| |
|
|
|
|
|
|
| |
There is a small chance of backward incompatibility here, but only for
non-SimpleCookie applications reading SimpleCookie generated cookies. Even
then, any such ap is likely to be handling escaped values already, and it would
take a fairly perverse implementation of unescaping to fail to unescape these
newly escaped chars, so the risk seems minimal.
|
| |
|
|
| |
apparently not all user-agents put it in quotes. Handle that as a special case.
|
| |
|
|
| |
style in the module up to PEP 8, where it does not break backwards compatibility.
|
| | |
|
| |
|
|
| |
Morsel class.
|
| | |
|
| |
|
