commit 897041c08eb6a54e8b181781718412d1500e9800
Author: Simone Basso <bassosim...@gmail.com>
Date:   Mon Sep 19 12:12:42 2016 +0200

    Revert "Revert "ui/web/server.py: pass binary, not unicode cookies""
    
    This reverts commit baee35fe51e70547e6128885ee0a97e1937d95d0 because
    apparently the error was on a unrelated code path.
---
 ooni/ui/web/server.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ooni/ui/web/server.py b/ooni/ui/web/server.py
index eec82d3..385bf18 100644
--- a/ooni/ui/web/server.py
+++ b/ooni/ui/web/server.py
@@ -56,13 +56,13 @@ def xsrf_protect(check=True):
         @wraps(f)
         def wrapper(instance, request, *a, **kw):
             should_check = check and instance._enable_xsrf_protection
-            token_cookie = request.getCookie(u'XSRF-TOKEN')
+            token_cookie = request.getCookie(b'XSRF-TOKEN')
             token_header = request.getHeader(b"X-XSRF-TOKEN")
             if (token_cookie != instance._xsrf_token and
                     instance._enable_xsrf_protection):
-                request.addCookie(u'XSRF-TOKEN',
+                request.addCookie(b'XSRF-TOKEN',
                                   instance._xsrf_token,
-                                  path=u'/')
+                                  path=b'/')
             if should_check and token_cookie != token_header:
                 raise WebUIError(404, "Invalid XSRF token")
             return f(instance, request, *a, **kw)
@@ -161,7 +161,7 @@ class WebUIAPI(object):
         # We use a double submit token to protect against XSRF
         rng = SystemRandom()
         token_space = string.letters+string.digits
-        self._xsrf_token = ''.join([rng.choice(token_space)
+        self._xsrf_token = b''.join([rng.choice(token_space)
                                     for _ in range(30)])
 
         self._director_started = False



_______________________________________________
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Reply via email to