Re: [Django] #24153: Cookie HttpOnly attribute does not use suggested case-style of HTTP standard

2015-01-16 Thread Django 
#24153: Cookie HttpOnly attribute does not use suggested case-style of HTTP
standard
-+-
 Reporter:  jdufresne|Owner:  nobody
 Type:   |   Status:  closed
  Cleanup/optimization   |
Component:  HTTP handling|  Version:  master
 Severity:  Normal   |   Resolution:  invalid
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-

Comment (by berkerpeksag):

 Just a note: The patch in [https://bugs.python.org/issue23250 issue 23250]
 has been committed to Python 3.4.3 and 3.5.0.

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/067.86c3cbbd2629e1891b98e09481f08878%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #24153: Cookie HttpOnly attribute does not use suggested case-style of HTTP standard

2015-01-16 Thread Django 
#24153: Cookie HttpOnly attribute does not use suggested case-style of HTTP
standard
-+-
 Reporter:  jdufresne|Owner:  nobody
 Type:   |   Status:  closed
  Cleanup/optimization   |
Component:  HTTP handling|  Version:  master
 Severity:  Normal   |   Resolution:  invalid
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-
Changes (by jdufresne):

 * status:  new => closed
 * resolution:   => invalid


Comment:

 I have moved this issue upstream http://bugs.python.org/issue23250.

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/067.b285058b7fa7faaf7f99b4b50c2e609f%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #24153: Cookie HttpOnly attribute does not use suggested case-style of HTTP standard

2015-01-15 Thread Django 
#24153: Cookie HttpOnly attribute does not use suggested case-style of HTTP
standard
-+-
 Reporter:  jdufresne|Owner:  nobody
 Type:   |   Status:  new
  Cleanup/optimization   |
Component:  HTTP handling|  Version:  master
 Severity:  Normal   |   Resolution:
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-

Comment (by jdufresne):

 When I originally opened this bug I wrongly assumed this bug was rooted in
 Django, not Python stdlib. If the feeling is that this should be resolved
 upstream, I can spend my efforts there. if you feel that is the best
 course of action, please let me know if I should close this ticket.

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/067.420d034a791d403683a433da88348173%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #24153: Cookie HttpOnly attribute does not use suggested case-style of HTTP standard

2015-01-15 Thread Django 
#24153: Cookie HttpOnly attribute does not use suggested case-style of HTTP
standard
-+-
 Reporter:  jdufresne|Owner:  nobody
 Type:   |   Status:  new
  Cleanup/optimization   |
Component:  HTTP handling|  Version:  master
 Severity:  Normal   |   Resolution:
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-

Comment (by berkerpeksag):

 If the spec says "HttpOnly attribute name MUST be case-sensitive", I'd
 agree with you. However, the grammar described  HttpOnly and Secure as

 {{{
 secure-av = "Secure"
 httponly-av   = "HttpOnly"
 }}}

 http://tools.ietf.org/html/rfc6265#section-4.1.1

 But again, it's not clear to me. If I'm not mistaken, we(and probably
 others) don't really follow accepted RFCs strictly for cookies.

 The relevant Python issue is https://bugs.python.org/issue16611 You can
 also discuss this by creating a new issue at https://bugs.python.org/, but
 since RFC 6265 is not widely implemented and there is no practical issue,
 I think it may be rejected. And probably there is a backward compatibility
 issue.

 There are a couple of  RFC 6265 related issues:

 * http://bugs.python.org/issue22931
 * https://bugs.python.org/issue19670
 * https://bugs.python.org/issue22931

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/067.8016b7b209667bb84165d7e9592b3dcc%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #24153: Cookie HttpOnly attribute does not use suggested case-style of HTTP standard

2015-01-15 Thread Django 
#24153: Cookie HttpOnly attribute does not use suggested case-style of HTTP
standard
-+-
 Reporter:  jdufresne|Owner:  nobody
 Type:   |   Status:  new
  Cleanup/optimization   |
Component:  HTTP handling|  Version:  master
 Severity:  Normal   |   Resolution:
 Keywords:   | Triage Stage:
 |  Unreviewed
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-
Changes (by timgraham):

 * needs_better_patch:   => 0
 * needs_tests:   => 0
 * needs_docs:   => 0


Comment:

 Django's usage seems consistent with cpython so I'm not sure there's much
 benefit to changing this.

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/067.afcb7ef7e283332006677a5bcecf543f%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.