cyclone icon indicating copy to clipboard operation
cyclone copied to clipboard
verified publisher icon fiorix

Invalid cookies if present are silently ignored

Open shasts opened this issue 5 years ago • 0 comments

tornado fixes this issue in https://github.com/tornadoweb/tornado/pull/1852. Python 3.8 cookie parsing is still "broken".

from http import cookies as http_cookies
cookies = http_cookies.SimpleCookie()
cookies.load('first=aaa; lt-session-data={"id":"0.3826a069174c085cb71","lastUpdatedDate":"2020-09-24T14:30:27.954Z"}; second=xxxx')
print(cookies)

Above snippet outputs: Set-Cookie: first=aaa.

cyclone is also affected by this bug. If there is an invalid cookie in the middle of ; separated cookies, the cookies after the invalid one are not available in the RequestHandler.cookies list.

shasts avatar Oct 13 '20 17:10 shasts