#27328: return `Set-Cookie` if sessionid=  None value
     Reporter:  Ramin Farajpour      |                    Owner:  nobody
  Cami                               |
         Type:  Bug                  |                   Status:  new
    Component:  HTTP handling        |                  Version:  1.10
     Severity:  Normal               |               Resolution:
     Keywords:                       |             Triage Stage:
                                     |  Unreviewed
    Has patch:  0                    |      Needs documentation:  0
  Needs tests:  0                    |  Patch needs improvement:  0
Easy pickings:  0                    |                    UI/UX:  0

Comment (by Collin Anderson):

 Hi Ramin,

 The goal of `parse_cookie()` is to try to give an exact as possible `dict`
 representation of the `Cookie:` header. It seems intuitive to me that
 `sessionid=; csrftoken=d` would translate to `{'sessionid': '',
 'csrftoken': 'd'}`. You want `parse_cookie()` to ignore cookies with no
 value, but Django has always kept cookies with empty values like these,
 even before I refactored the parse_cookie code recently. Before that
 Django used Python's Cookie library to parse cookies, which also keeps
 cookies with empty values.

 Even if we were to change Django to not delete empty `sessionid` cookies,
 that should be a change to the _session_ code (to not call `delete_cookie`
 in that case), not a change to the cookie parsing code. Does that seem

Ticket URL: <https://code.djangoproject.com/ticket/27328#comment:11>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to