New submission from Yuen Ho Wong <wyue...@gmail.com>: This is a minor bug remotely related to issue 100.
According to the WSGI spec, all the strings in the environ should be byte strings. However, if some IIdentifier plugin returns an unicode login name for identity dict, AuthTktCookie will automatically encoding the value into UTF-8, and rewrite the `user_data` field of the auth_tkt to embed the type info. This is doubly bad besides deviating from the spec. According to the mod_auth_tkt README, the user_data field has special meaning to the Apache module and should not be rewritten. IMHO the proper fix is to have the plugin to look for a charset value that's in scope when something needs to be decoded/encoded. http://www.python.org/dev/peps/pep-0333/#unicode-issues ---------- messages: 274 nosy: wyuenho priority: bug status: unread title: AuthTktCookie should not try to decode userid based on value types topic: repoze.who __________________________________ Repoze Bugs <b...@bugs.repoze.org> <http://bugs.repoze.org/issue101> __________________________________ _______________________________________________ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev