New submission from Rebecka: The cookielib module uses time.time(), which produces a timestamp in the local timezone (as read from the system time?), as the timestamp against which expiration dates in cookies are compared.
However, typical usage of HTTP cookies would be specifying the expiration date in UTC. This assumption seems to be supported for example by the inclusion of cookielib.http2time, which (only) supports UTC timestamps. This behaviour is also included in e.g. MozillaCookieJar, which (erroneously) excludes cookies from being saved/loaded based on the local timestamp from time.time(). See the attached file for a small example where the check if a cookie is expired against a UTC time is correct but the check against local time fails (simulating the behaviour of the cookielib module). ---------- components: Library (Lib) files: cookie_timestamp_test.py messages: 226056 nosy: regu0004 priority: normal severity: normal status: open title: cookielib uses time.time(), making incorrect checks of expiration times in cookies type: behavior versions: Python 2.7 Added file: http://bugs.python.org/file36502/cookie_timestamp_test.py _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue22296> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
