Cookie filter#799
Cookie filter#799panda73111 wants to merge 28 commits intoaio-libs:masterfrom panda73111:cookie_filter
Conversation
aiohttp/client.py
Outdated
| """Returns this session's cookies filtered by their attributes""" | ||
| # TODO: filter by 'expires', 'path', ... | ||
| netloc = urllib.parse.urlsplit(url).netloc | ||
| is_ip = IPV4_PATTERN.match(netloc) is not None |
There was a problem hiding this comment.
ipaddress.IPAddress(netloc) to support both IPv4 and IPv6 in the right way without regexps (which accepts invalid IPv4 addresses).
…mpleCookie class modifies value before Python 3.4"
…Fixed handling starting dot in cookie domains
|
Looks interesting. I need reread RFC first for making careful review. Anyway I have a strong feeling that we need to fix cookies problem in the next aiohttp release. |
…ieStore, which ClientSession refers to
…ering methods inside it
|
I added the Expires- and Max-Age-attributes, by scheduling deletion of the cookie via |
|
...Or maybe any other comments? This is basically done, as it is. |
(invalid values, host only cookie, domain matching, path matching, date parsing)
|
you could fix the merge conflicts and failing builds |
# Conflicts: # aiohttp/client.py
|
Well, I wanted my code to get approved first, since I don't want to create a merge commit every time master becomes incompatible, until this gets merged or rejected eventually. And what's up with these coverage comments? Shouldn't these be posted only after all tests pass? The next commit makes it up to 98.26% again only because flake8 is satisfied... |
| return non_matching.startswith("/") | ||
|
|
||
| @classmethod | ||
| def _parse_date(cls, date_str): |
There was a problem hiding this comment.
can't we reuse some existing function?
|
i am +1 for this change, but we need opinion from @asvetlov before inclusion. |
|
Squashed and merged as 0016999 |
7 participants
Relevant issue: #792
This branch will add cookie management adhering to RFC 6265.
Right now, it adds a simple filter for cookies sent, regarding their "Domain" attribute.
ClientSessionwithout a "Domain" attribute (asSimpleCookie()ordict/tuple) are still shared across all requests, to keep backwards compatibility.Domain=.example.combecomesDomain=example.com)Domain=example.comis sent tosub.example.com, but not the other way around)More filters (for the remaining attributes and for storing incoming cookies) will be added as soon as I have the time, until eventually ClientSession behaves like stated in RFC 6265.
CORS is completely new to me and low priority until further research.
This branch can be merged into master at any time, I'll add pull requests as needed and all tests pass.
EDIT 23.02.2016:
EDIT 29.02.2016:
EDIT 18.03.2016:
EDIT 20.03.2016:
loop.call_later()/call_at()when a cookie is added, that removes the cookie from the jar.