[Moin-user] Upgrade 1.5.7 > 1.7.2 external cookie problem

Thomas Waldmann tw-public at gmx.de
Mon Sep 15 07:06:07 EDT 2008

Hi Michael,

when going from 1.5 to 1.7, you'll have to upgrade your auth stuff, see
the code in MoinMoin.auth package (we use auth objects now, not
functions any more).

> 2008-09-14 15:32:31,075 WARNING MoinMoin.request:1383 Duplicate http
> header: 'Set-Cookie: MOIN_SESSION=y7ym4j6kmckngraloomzj0wvceh5n1sz;
> Domain=.nsf.att.com; expires=
> Wednesday, 12-Sep-18 19:32:30 GMT; Max-Age=315359999; Path=/tdev;' (ignored)

Seems like the duplicate header check is either not appropriate or
incorrect for this case.

I introduced that code quite some time ago to help with cleaning up the
http headers mess that moin had back then (many http headers that shoud
be there only once like status, content-type, cache control were
duplicate in some cases, sometimes it emitted all the headers
twice, ...).

But I guess for setting multiple cookies, we need to either merge the
set-cookie header values into one or introduce some special treatment in
case this is not allowed.

Please have a look at MoinMoin/request/__init__.py:emit_http_headers.

    if lkey in ['vary', 'cache-control', 'content-language', ]:

These are the headers we allow multiple times and just merge their
values into a single header. Please add 'set-cookie' to that list and
try if that works (it won't give exceptions any more, but you have to
check if BOTH cookies work correctly).

If that doesn't work, we need to add some special treatment (non-trivial
as the current code uses a dict headername -> headervalue).



More information about the Moin-user mailing list