On 6/17/2014 9:08 PM, Mark Lawrence wrote:
On 18/06/2014 01:56, Makoto Kuwata wrote:
Hi,
I found a bug on SimpleCookie#load() which doesn't parse
'secure' and 'httponly' attributes correctly.
try:
from Cookie import SimpleCookie
except:
from http.cookies import SimpleCookie
ck = SimpleCookie()
ck.load('name1=value1; Path=/xxx; httponly; secure')
print(ck.output()) #=> Set-Cookie: name1=value1; Path=/xxx
# (Missing 'httponly' and 'secure' attributes on Python <
3.3.2!)
This bug has been registered as #16611, and fixed on 3.3.3.
But it is not backported into Python 2.7.
http://bugs.python.org/issue16611
My question: Is there any plan to backport the fix to Python 2.7?
Do you have any plan to upgrade to 3.4, so you get *all* the bugfixes
possible?
The simple answer is no. The longer answer is, if you want to propose a
patch to backport the fix, it's more likely that somebody will do the
work to commit it as support for 2.7 has been extended until 2020.
Please note that I said "more likely", there's no guarantee given that
Python relies so much on volunteers.
The extended support is mostly focused on build (compiler) and security
(internet) issues, to support software already written and *working* on 2.7.
That said, if someone were to modify the patch to it could be imported
to 2.7 (at least changing file names) or make changes to the relevant
files by hand; run the tests, with whatever changes are needed so that
they do run; and change the code as needed so all tests pass; sign the
contributor agreement; and post a properly formatted test to the tracker
and indicate a readiness to respond to comments; then it might get some
attention.
--
Terry Jan Reedy
--
https://mail.python.org/mailman/listinfo/python-list
