Ticket #5911: 5911-3.patch

File 5911-3.patch, 4.1 KB (added by Dario Vinella, 4 years ago)
  • twisted/web/http.py

    diff --git a/twisted/web/http.py b/twisted/web/http.py
    index c9bd313..6b6d2bb 100644
    a b class Request: 
    10221022            else:
    10231023                self.transport.write(data)
    10241024
    1025     def addCookie(self, k, v, expires=None, domain=None, path=None, max_age=None, comment=None, secure=None):
     1025    def addCookie(self, k, v, expires=None, domain=None, path=None,
     1026                  max_age=None, comment=None, secure=None, httpOnly=False):
    10261027        """
    10271028        Set an outgoing HTTP cookie.
    10281029
    10291030        In general, you should consider using sessions instead of cookies, see
    10301031        L{twisted.web.server.Request.getSession} and the
    10311032        L{twisted.web.server.Session} class for details.
     1033
     1034        @param k: cookie name
     1035
     1036        @param v: cookie value
     1037
     1038        @param expires: cookie expire attribute value in
     1039        "Wdy, DD Mon YYYY HH:MM:SS GMT" format
     1040
     1041        @param domain: cookie domain
     1042
     1043        @param path: cookie path
     1044
     1045        @param max_age: cookie expiration in seconds from reception
     1046
     1047        @param comment: cookie comment
     1048
     1049        @param secure: direct browser to send the cookie on encrypted
     1050        connections only
     1051
     1052        @param httpOnly: direct browser not to expose cookies through channels
     1053        other than HTTP (and HTTPS) requests
     1054
     1055
    10321056        """
    10331057        cookie = '%s=%s' % (k, v)
    10341058        if expires is not None:
    1035             cookie = cookie +"; Expires=%s" % expires
     1059            cookie = cookie + "; Expires=%s" % (expires, )
    10361060        if domain is not None:
    1037             cookie = cookie +"; Domain=%s" % domain
     1061            cookie = cookie + "; Domain=%s" % (domain, )
    10381062        if path is not None:
    1039             cookie = cookie +"; Path=%s" % path
     1063            cookie = cookie + "; Path=%s" % (path, )
    10401064        if max_age is not None:
    1041             cookie = cookie +"; Max-Age=%s" % max_age
     1065            cookie = cookie + "; Max-Age=%s" % (max_age, )
    10421066        if comment is not None:
    1043             cookie = cookie +"; Comment=%s" % comment
     1067            cookie = cookie + "; Comment=%s" % (comment, )
    10441068        if secure:
    1045             cookie = cookie +"; Secure"
     1069            cookie = cookie + "; Secure"
     1070        if httpOnly:
     1071            cookie = cookie + "; HttpOnly"
    10461072        self.cookies.append(cookie)
    10471073
    10481074    def setResponseCode(self, code, message=None):
  • twisted/web/test/test_http.py

    diff --git a/twisted/web/test/test_http.py b/twisted/web/test/test_http.py
    index 81ab830..2b36bba 100644
    a b class RequestTests(unittest.TestCase, ResponseTestMixin): 
    14631463        self.assertEqual(req.responseHeaders.getRawHeaders(b"test"), [b"lemur"])
    14641464
    14651465
     1466    def test_addCookie(self):
     1467        """
     1468        L{http.Request.addCookie} adds a Set-Cookie header to the response.
     1469        """
     1470        req = http.Request(DummyChannel(), False)
     1471        req.addCookie("foo", "bar")
     1472        self.assertEqual("foo=bar", req.cookies[0])
     1473
     1474
     1475    def test_addCookieWithAttibutes(self):
     1476        """
     1477        L{http.Request.addCookie} adds a Set-Cookie header with cookie
     1478        attributes to the response.
     1479        """
     1480        req = http.Request(DummyChannel(), False)
     1481        req.addCookie(
     1482            "foo", "bar", expires="Fri, 31 Dec 9999 23:59:59 GMT",
     1483            domain=".example.com", path="/", max_age="31536000",
     1484            comment="test", secure=True, httpOnly=True)
     1485        self.assertIn("Expires=Fri, 31 Dec 9999 23:59:59 GMT", req.cookies[0])
     1486        self.assertIn("Domain=.example.com", req.cookies[0])
     1487        self.assertIn("Path=/", req.cookies[0])
     1488        self.assertIn("Max-Age=31536000", req.cookies[0])
     1489        self.assertIn("Comment=test", req.cookies[0])
     1490        self.assertIn("Secure", req.cookies[0])
     1491        self.assertIn("HttpOnly", req.cookies[0])
     1492
     1493
    14661494    def test_firstWrite(self):
    14671495        """
    14681496        For an HTTP 1.0 request, L{http.Request.write} sends an HTTP 1.0
  • new file twisted/web/topfiles/5911.feature

    diff --git a/twisted/web/topfiles/5911.feature b/twisted/web/topfiles/5911.feature
    new file mode 100644
    index 0000000..6560891
    - +  
     1twisted.web.http.Request.addCookie now supports httpOnly attribute.