On 6/17/2014 9:08 PM, Mark Lawrence wrote:
On 18/06/2014 01:56, Makoto Kuwata wrote:

I found a bug on SimpleCookie#load() which doesn't parse
'secure' and 'httponly' attributes correctly.

         from Cookie import SimpleCookie
         from http.cookies import SimpleCookie
     ck = SimpleCookie()
     ck.load('name1=value1; Path=/xxx; httponly; secure')
     print(ck.output())  #=> Set-Cookie: name1=value1; Path=/xxx
             # (Missing 'httponly' and 'secure' attributes on Python <

This bug has been registered as #16611, and fixed on 3.3.3.
But it is not backported into Python 2.7.

My question: Is there any plan to backport the fix to Python 2.7?

Do you have any plan to upgrade to 3.4, so you get *all* the bugfixes possible?

The simple answer is no.  The longer answer is, if you want to propose a
patch to backport the fix, it's more likely that somebody will do the
work to commit it as support for 2.7 has been extended until 2020.
Please note that I said "more likely", there's no guarantee given that
Python relies so much on volunteers.

The extended support is mostly focused on build (compiler) and security (internet) issues, to support software already written and *working* on 2.7.

That said, if someone were to modify the patch to it could be imported to 2.7 (at least changing file names) or make changes to the relevant files by hand; run the tests, with whatever changes are needed so that they do run; and change the code as needed so all tests pass; sign the contributor agreement; and post a properly formatted test to the tracker and indicate a readiness to respond to comments; then it might get some attention.

Terry Jan Reedy


Reply via email to