[Trac-tickets] Re: [The Trac Project] #2256: Wrong cookie is retrieved when loading trac

Wed, 14 Jun 2006 12:14:04 -0700 

#2256: Wrong cookie is retrieved when loading trac
-------------------------------+--------------------------------------------
 Reporter:  [EMAIL PROTECTED]  |        Owner:  jonas   
     Type:  defect             |       Status:  reopened
 Priority:  normal             |    Milestone:          
Component:  general            |      Version:  0.8.4   
 Severity:  major              |   Resolution:          
 Keywords:                     |  
-------------------------------+--------------------------------------------
Comment (by mgood):

 I guess it's reasonable to try to ignore errors parsing cookies, though
 bug reports should be filed for the applications such as WebSVN that are
 setting these invalid cookies.

 I've come up with a patch that overrides the cookie loading in order to
 skip the cookies that could not be loaded.  Unfortunately this requires
 overloading private methods of the `BaseCookie` class in various non-
 obvious ways.  The methods are patched before loading the cookies and then
 cleaned up afterwards to restore the standard behavior elsewhere in Trac.
 I'll post it here for comments:

 {{{
 #!diff
 --- trac/web/api.py     (revision 9983)
 +++ trac/web/api.py     (local)
 @@ -15,7 +15,7 @@
  # Author: Christopher Lenz <[EMAIL PROTECTED]>

  from BaseHTTPServer import BaseHTTPRequestHandler
 -from Cookie import SimpleCookie as Cookie
 +from Cookie import CookieError, SimpleCookie as Cookie
  import cgi
  import mimetypes
  import os
 @@ -130,7 +130,22 @@
          self.incookie = Cookie()
          cookie = self.get_header('Cookie')
          if cookie:
 +            old_set = self.incookie._BaseCookie__set
 +            bad_cookies = []
 +            def safe_set(key, real_value, coded_value):
 +                try:
 +                    old_set(key, real_value, coded_value)
 +                except CookieError:
 +                    bad_cookies.append(key)
 +                    dict.__setitem__(self.incookie, key, None)
 +            # override Cookie.set to ignore cookies with parse errors
 +            self.incookie._BaseCookie__set = safe_set
 +            # load the cookie values
              self.incookie.load(cookie)
 +            # clean up the Cookie.set overriding
 +            self.incookie._BaseCookie__set = old_set
 +            for key in bad_cookies:
 +                del self.incookie[key]
          self.outcookie = Cookie()

          self.base_url = self.environ.get('trac.base_url')
 }}}

-- 
Ticket URL: <http://projects.edgewall.com/trac/ticket/2256>
The Trac Project <http://trac.edgewall.com/>
_______________________________________________
Trac-Tickets mailing list
[email protected]
http://lists.edgewall.com/mailman/listinfo/trac-tickets

Reply via email to