#27328: return `Set-Cookie` if sessionid= None value -------------------------------------+------------------------------------- Reporter: Ramin Farajpour | Owner: nobody Cami | Type: Bug | Status: new Component: HTTP handling | Version: 1.10 Severity: Normal | Resolution: Keywords: | Triage Stage: | Unreviewed Has patch: 0 | Needs documentation: 0 Needs tests: 0 | Patch needs improvement: 0 Easy pickings: 0 | UI/UX: 0 -------------------------------------+-------------------------------------
Comment (by Collin Anderson): Hi Ramin, The goal of `parse_cookie()` is to try to give an exact as possible `dict` representation of the `Cookie:` header. It seems intuitive to me that `sessionid=; csrftoken=d` would translate to `{'sessionid': '', 'csrftoken': 'd'}`. You want `parse_cookie()` to ignore cookies with no value, but Django has always kept cookies with empty values like these, even before I refactored the parse_cookie code recently. Before that Django used Python's Cookie library to parse cookies, which also keeps cookies with empty values. Even if we were to change Django to not delete empty `sessionid` cookies, that should be a change to the _session_ code (to not call `delete_cookie` in that case), not a change to the cookie parsing code. Does that seem right? -- Ticket URL: <https://code.djangoproject.com/ticket/27328#comment:11> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-updates+unsubscr...@googlegroups.com. To post to this group, send email to django-updates@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-updates/065.e34b9f2dcfe052a212f8572b5f220606%40djangoproject.com. For more options, visit https://groups.google.com/d/optout.