[issue2190] MozillaCookieJar ignore HttpOnly cookies
Mike Thomas
report at bugs.python.org
Sun Aug 27 13:50:28 EDT 2017
Mike Thomas added the comment:
Can this issue be reopened? As Jérémie stated, curl uses this format and outputs cookie files using the #HttpOnly_ prefix. I also found at least one project that is working around lack of this support:
https://code.google.com/archive/p/git-repo/
https://gerrit.googlesource.com/git-repo/+/master/subcmds/sync.py#995
# Python doesn't understand cookies with the #HttpOnly_ prefix
# Since we're only using them for HTTP, copy the file temporarily,
# stripping those prefixes away.
One potential improvement for the proposed patch: instead of just stripping out #HttpOnly_, this attribute should be set on the Cookie that is created, within the 'rest' dict (rest={'HttpOnly': True}). The Morsel class is already aware of this attribute, as is the 'requests.cookies' module.
----------
nosy: +mt0321
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue2190>
_______________________________________
More information about the Python-bugs-list
mailing list