URL: https://github.com/freeipa/freeipa/pull/610 Author: stlaz Title: #610: [4.3] Fix cookie with Max-Age processing Action: opened
PR body: """ When cookie has Max-Age set it tries to get expiration by adding to a timestamp. Without this patch the timestamp would be set to None and thus the addition of timestamp + max_age fails https://pagure.io/freeipa/issue/6718 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/610/head:pr610 git checkout pr610
From 23eb7a27f00b418314beb1c69efeff5d45403607 Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka <slazn...@redhat.com> Date: Thu, 2 Mar 2017 09:11:34 +0100 Subject: [PATCH] Fix cookie with Max-Age processing When cookie has Max-Age set it tries to get expiration by adding to a timestamp. Without this patch the timestamp would be set to None and thus the addition of timestamp + max_age fails https://pagure.io/freeipa/issue/6718 --- ipalib/rpc.py | 13 +++++++++---- ipapython/cookie.py | 5 ++++- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/ipalib/rpc.py b/ipalib/rpc.py index 207149e..ef3a2a7 100644 --- a/ipalib/rpc.py +++ b/ipalib/rpc.py @@ -693,8 +693,11 @@ def store_session_cookie(self, cookie_header): # Search for the session cookie try: - session_cookie = Cookie.get_named_cookie_from_string(cookie_header, - COOKIE_NAME, request_url) + session_cookie = ( + Cookie.get_named_cookie_from_string( + cookie_header, COOKIE_NAME, request_url, + timestamp=datetime.datetime.utcnow()) + ) except Exception as e: root_logger.error("unable to parse cookie header '%s': %s", cookie_header, e) return @@ -788,8 +791,10 @@ def get_session_cookie_from_persistent_storage(self, principal): # Search for the session cookie within the cookie string try: - session_cookie = Cookie.get_named_cookie_from_string(cookie_string, COOKIE_NAME) - except Exception as e: + session_cookie = Cookie.get_named_cookie_from_string( + cookie_string, COOKIE_NAME, + timestamp=datetime.datetime.utcnow()) + except Exception: return None return session_cookie diff --git a/ipapython/cookie.py b/ipapython/cookie.py index d32640a..6f7bc6c 100644 --- a/ipapython/cookie.py +++ b/ipapython/cookie.py @@ -321,7 +321,8 @@ def parse(cls, cookie_string, request_url=None): return cookies @classmethod - def get_named_cookie_from_string(cls, cookie_string, cookie_name, request_url=None): + def get_named_cookie_from_string(cls, cookie_string, cookie_name, + request_url=None, timestamp=None): ''' A cookie string may contain multiple cookies, parse the cookie string and return the last cookie in the string matching the @@ -343,6 +344,8 @@ def get_named_cookie_from_string(cls, cookie_string, cookie_name, request_url=No if cookie.key == cookie_name: target_cookie = cookie + if timestamp is not None: + target_cookie.timestamp = timestamp if request_url is not None: target_cookie.normalize(request_url) return target_cookie
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code