Re: secure argument to set_cookie should accept False

[Don Arbow]

On Nov 1, 2006, at 4:19 PM, Shannon -jj Behrens wrote: Hi, I'm looking at ttp://code.djangoproject.com/browser/django/trunk/django/http/__init__.py#L199.  It seems very natural to pass a value of False to the secure argument instead of None, but if you do this, it gets treated as if you passed secure=True.  That's because the code is checking for equality with None instead of using Python's general truth mechanism.  The code is:           for var in ('max_age', 'path', 'domain', 'secure', 'expires'):               val = locals()[var]               if val is not None:                   self.cookies[key][var.replace('_', '-')] = val The only place that Django calls set_cookie is in django/contrib/sessions/middleware.py and the process_method there sets the secure argument to either to the value of the SESSION_COOKIE_SECURE setting or None. So it never passes False and the code you quoted doesn't have to special case the value of the secure argument. You can see the change to the set_cookie call in changeset 3570: http://code.djangoproject.com/changeset/3570 Don --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---