[issue35121] Cookie domain check returns incorrect results
Karthikeyan Singaravelan
report at bugs.python.org
Wed Feb 13 01:30:08 EST 2019
Karthikeyan Singaravelan <tir.karthi at gmail.com> added the comment:
This issue affects 2.7 as well along with 3.4 and 3.5. The initial report was notified to security at python.org . 2.7.16 release candidate dates were announced at https://mail.python.org/pipermail/python-dev/2019-February/156266.html. I have prepared an initial backport of this with tests for 2.7 at https://github.com/python/cpython/compare/2.7...tirkarthi:bpo35121-27 . Serhiy has approved the PR for master. I have added notes here and on the PR about the issue and implementation in other languages. It would be helpful if someone can double check my analysis since cookiejar has not received much change over the years.
If this is a potential candidate for 2.7 release I can help with that once the changes are merged to master. Adding Benjamin Peterson to this issue to take a call on if it needs to be backported to 2.7. If it's planned for a backport then also to decide on priority if this needs to be part of 2.7.16 or later release.
----------
nosy: +benjamin.peterson
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue35121>
_______________________________________
More information about the Python-bugs-list
mailing list