#27328: return `Set-Cookie` if sessionid= None value
-------------------------------------+-------------------------------------
Reporter: Ramin Farajpour | Owner: nobody
Cami |
Type: Bug | Status: new
Component: HTTP handling | Version: 1.10
Severity: Normal | Resolution:
Keywords: | Triage Stage:
| Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Ramin Farajpour Cami):
Thanks Collin,
i know, sessionid is invalid , I'm still unconvinced why `sessionid` is
empty call method `delete_cookie` while `sessionid` is empty, if you look
rails when send empty sessionid nothing response `Set-Cookie: sessionid=;
expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/`
in your code you have checked
{{{
if key or val:
# unquote using Python's algorithm.
cookiedict[key] = http_cookies._unquote(val)
}}}
`if key or val:` but val is here empty string and value `key` is
`sessionid` and value `val` is ` '' `, if `sessionid` is bad i means bad
value you'r are right, no sessionid is empty pass `parse_cookie` method
and call `delete_cookie `
why you in line
https://github.com/django/django/blob/master/django/http/cookie.py#L74 use
`or` ? why not `and`? for check empty value sessionid on request AJAX no
browser,
--
Ticket URL: <https://code.djangoproject.com/ticket/27328#comment:10>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/065.144a4e5e135a4579254771b60d480630%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
