Commit af03867f authored by Ramiro Morales's avatar Ramiro Morales

[1.2.X] Fixed #13007 -- Made cookie parsing resilent to the presence of...

[1.2.X] Fixed #13007 -- Made cookie parsing resilient to the presence of cookies with invalid characters in their names. Thanks Warlax for the report, Ubercore for his work on a fix and Jannis and Luke for review and guidance.

Backport of [15523] from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.2.X@15524 bcc190cf-cafb-0310-a4f2-bffc1f526a37
parent 4bcc5012
+21 −1
@@ -276,13 +276,33 @@ class CompatCookie(SimpleCookie):

        return val, encoded

    def load(self, rawdata, ignore_parse_errors=False):
        if ignore_parse_errors:
            self.bad_cookies = []
            self._BaseCookie__set = self._loose_set
        SimpleCookie.load(self, rawdata)
        if ignore_parse_errors:
            self._BaseCookie__set = self._strict_set
            for key in self.bad_cookies:
                del self[key]

    _strict_set = BaseCookie._BaseCookie__set

    def _loose_set(self, key, real_value, coded_value):
        try:
            self._strict_set(key, real_value, coded_value)
        except CookieError:
            self.bad_cookies.append(key)
            dict.__setitem__(self, key, None)


def parse_cookie(cookie):
    if cookie == '':
        return {}
    if not isinstance(cookie, BaseCookie):
        try:
            c = CompatCookie()
            c.load(cookie)
            c.load(cookie, ignore_parse_errors=True)
        except CookieError:
            # Invalid cookie
            return {}
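Review bot: `_loose_set` stores `None` as the placeholder for a rejected name, which looks unsafe when the same invalid name occurs twice in one header: the stdlib setter (not visible here) appears to fetch the existing entry and call `.set()` on it, so the second occurrence would raise `AttributeError` rather than `CookieError`. The Cookie header is client-controlled, and neither `_loose_set` nor the `except CookieError` in `parse_cookie` covers that type, so a malformed request would surface as an unhandled exception. Suggest a `Morsel()` placeholder plus a set for the bookkeeping, so that the later `del self[key]` does not hit a repeated key: `self.bad_cookies = set()`, `self.bad_cookies.add(key)`, `dict.__setitem__(self, key, Morsel())` (importing `Morsel` if the module does not already have it). Separately, `load` leaves `_BaseCookie__set` pointing at `_loose_set` if `SimpleCookie.load` raises; a `try`/`finally` around that call would restore strict mode. `parse_cookie` continues past the end of this hunk.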
+8 −1
@@ -2,7 +2,8 @@ import copy
import pickle
import unittest

from django.http import QueryDict, HttpResponse, CompatCookie, BadHeaderError
from django.http import (QueryDict, HttpResponse, CompatCookie, BadHeaderError,
        parse_cookie)


class QueryDictTests(unittest.TestCase):
@@ -264,3 +265,9 @@ class CookieTests(unittest.TestCase):
        c2 = CompatCookie()
        c2.load(c.output())
        self.assertEqual(c['test'].value, c2['test'].value)

    def test_nonstandard_keys(self):
        """
        Test that a single non-standard cookie name doesn't affect all cookies. Ticket #13007.
        """
        self.assertTrue('good_cookie' in parse_cookie('good_cookie=yes;bad:cookie=yes').keys())
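Review bot: `test_nonstandard_keys` checks only that the valid name survives; it does not assert that the invalid name is dropped, and it covers a single ordering. Adding `self.assertFalse('bad:cookie' in parse_cookie('good_cookie=yes;bad:cookie=yes'))` would pin the filtering, and cases with the invalid cookie first and with the same invalid name repeated would exercise the placeholder and cleanup paths in `CompatCookie.load`. The `.keys()` call is redundant for a membership test on the returned mapping.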