[Python-checkins] cpython (3.2): allow square brackets in cookie values (closes #22931)
benjamin.peterson
python-checkins at python.org
Sat May 23 17:48:14 CEST 2015
https://hg.python.org/cpython/rev/710cdba13323
changeset: 96230:710cdba13323
branch: 3.2
parent: 95786:91096d27c802
user: Benjamin Peterson <benjamin at python.org>
date: Sat May 23 10:36:48 2015 -0500
summary:
allow square brackets in cookie values (closes #22931)
files:
Lib/http/cookies.py | 7 ++++---
Lib/test/test_http_cookies.py | 14 ++++++++++++++
Misc/NEWS | 5 +++++
3 files changed, 23 insertions(+), 3 deletions(-)
diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
--- a/Lib/http/cookies.py
+++ b/Lib/http/cookies.py
@@ -429,12 +429,13 @@
# result, the parsing rules here are less strict.
#
-_LegalCharsPatt = r"[\w\d!#%&'~_`><@,:/\$\*\+\-\.\^\|\)\(\?\}\{\=]"
+_LegalKeyChars = r"\w\d!#%&'~_`><@,:/\$\*\+\-\.\^\|\)\(\?\}\{\="
+_LegalValueChars = _LegalKeyChars + '\[\]'
_CookiePattern = re.compile(r"""
(?x) # This is a verbose pattern
\s* # Optional whitespace at start of cookie
(?P<key> # Start of group 'key'
- """ + _LegalCharsPatt + r"""+? # Any word of at least one letter
+ [""" + _LegalKeyChars + r"""]+? # Any word of at least one letter
) # End of group 'key'
\s*=\s* # Equal Sign
(?P<val> # Start of group 'val'
@@ -442,7 +443,7 @@
| # or
\w{3},\s[\w\d\s-]{9,11}\s[\d:]{8}\sGMT # Special case for "expires" attr
| # or
- """ + _LegalCharsPatt + r"""* # Any word or empty string
+ [""" + _LegalValueChars + r"""]* # Any word or empty string
) # End of group 'val'
\s*;? # Probably ending in a semi-colon
""", re.ASCII) # May be removed if safe.
diff --git a/Lib/test/test_http_cookies.py b/Lib/test/test_http_cookies.py
--- a/Lib/test/test_http_cookies.py
+++ b/Lib/test/test_http_cookies.py
@@ -34,6 +34,20 @@
'dict': {'keebler' : 'E=mc2'},
'repr': "<SimpleCookie: keebler='E=mc2'>",
'output': 'Set-Cookie: keebler=E=mc2'},
+
+ # issue22931 - Adding '[' and ']' as valid characters in cookie
+ # values as defined in RFC 6265
+ {
+ 'data': 'a=b; c=[; d=r; f=h',
+ 'dict': {'a':'b', 'c':'[', 'd':'r', 'f':'h'},
+ 'repr': "<SimpleCookie: a='b' c='[' d='r' f='h'>",
+ 'output': '\n'.join((
+ 'Set-Cookie: a=b',
+ 'Set-Cookie: c=[',
+ 'Set-Cookie: d=r',
+ 'Set-Cookie: f=h'
+ ))
+ }
]
for case in cases:
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -16,6 +16,11 @@
- Issue #23055: Fixed a buffer overflow in PyUnicode_FromFormatV. Analysis
and fix by Guido Vranken.
+Library
+-------
+
+- Issue #22931: Allow '[' and ']' in cookie values.
+
What's New in Python 3.2.6?
===========================
--
Repository URL: https://hg.python.org/cpython
More information about the Python-checkins
mailing list