Tim Graham added the comment: Thank-you Georg; I believe I was able to fix some of the failures by patching Django as you suggested.
However, I think I found another issue due to #16611 (support for httponly/secure cookies) not being backported to Python 3.2. The issue is that any cookies that appear after one that uses httponly or secure are dropped: >>> from http.cookies import SimpleCookie >>> c = SimpleCookie() >>> c['a'] = 'b' >>> c['a']['httponly'] = True >>> c['d'] = 'e' >>> out = c.output(header='', sep='; ') >>> SimpleCookie(out) <SimpleCookie: a='b'> Here's another example using the 'domain' option to show the same flow from above working as expected: >>> c = SimpleCookie() >>> c['a'] = 'b' >>> c['a']['domain'] = 'foo.com' >>> c['d'] = 'e' >>> out = c.output(header='', sep='; ') >>> SimpleCookie(out) <SimpleCookie: a='b' d='e'> It seems to me this may warrant backporting httponly/secure support to Python 3.2 now that cookie parsing is more strict (unless Django is again relying on incorrect behavior). ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue22758> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
