URL: https://github.com/freeipa/freeipa/pull/532 Author: stlaz Title: #532: Fix cookie with Max-Age processing Action: opened
PR body: """ When cookie has Max-Age set it tries to get expiration by adding to a timestamp. Without this patch the timestamp would be set to None and thus the addition of timestamp + max_age fails https://pagure.io/freeipa/issue/6718 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/532/head:pr532 git checkout pr532
From 01e27de70dbf65d31587b66047c3ab966ac222c9 Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka <slazn...@redhat.com> Date: Thu, 2 Mar 2017 09:11:34 +0100 Subject: [PATCH] Fix cookie with Max-Age processing When cookie has Max-Age set it tries to get expiration by adding to a timestamp. Without this patch the timestamp would be set to None and thus the addition of timestamp + max_age fails https://pagure.io/freeipa/issue/6718 --- ipalib/rpc.py | 12 ++++++++---- ipapython/cookie.py | 5 ++++- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/ipalib/rpc.py b/ipalib/rpc.py index f2cdad9..ef2a811 100644 --- a/ipalib/rpc.py +++ b/ipalib/rpc.py @@ -759,9 +759,11 @@ def store_session_cookie(self, cookie_header): session_cookie = None try: for cookie in cookie_header: - session_cookie = \ - Cookie.get_named_cookie_from_string(cookie, COOKIE_NAME, - request_url) + session_cookie = ( + Cookie.get_named_cookie_from_string( + cookie, COOKIE_NAME, request_url, + timestamp=datetime.datetime.now()) + ) if session_cookie is not None: break except Exception as e: @@ -861,7 +863,9 @@ def get_session_cookie_from_persistent_storage(self, principal): # Search for the session cookie within the cookie string try: - session_cookie = Cookie.get_named_cookie_from_string(cookie_string, COOKIE_NAME) + session_cookie = Cookie.get_named_cookie_from_string( + cookie_string, COOKIE_NAME, + timestamp=datetime.datetime.now()) except Exception: return None diff --git a/ipapython/cookie.py b/ipapython/cookie.py index 57523a4..9797fc1 100644 --- a/ipapython/cookie.py +++ b/ipapython/cookie.py @@ -322,7 +322,8 @@ def parse(cls, cookie_string, request_url=None): return cookies @classmethod - def get_named_cookie_from_string(cls, cookie_string, cookie_name, request_url=None): + def get_named_cookie_from_string(cls, cookie_string, cookie_name, + request_url=None, timestamp=None): ''' A cookie string may contain multiple cookies, parse the cookie string and return the last cookie in the string matching the @@ -344,6 +345,8 @@ def get_named_cookie_from_string(cls, cookie_string, cookie_name, request_url=No if cookie.key == cookie_name: target_cookie = cookie + if timestamp is not None: + target_cookie.timestamp = timestamp if request_url is not None: target_cookie.normalize(request_url) return target_cookie
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code