Message 334338 - Python tracker

Message334338

Author	MeiK
Recipients	MeiK
Date	2019-01-25.03:11:05
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1548385865.75.0.22198302427.issue35824@roundup.psfhosted.org>
In-reply-to

Content
http.cookies.BaseCookie[1] can't parse Expires in this format like Expires=Thu,31 Jan 2019 05:56:00 GMT;(Less space after Thu,). I encountered this problem in actual use, Chrome, IE and Firefox can parse this string normally. Many languages, such as JavaScript, can also parse this data automatically. I built a test site using Flask: https://paste.ubuntu.com/p/K7Z4K4KH7Z/, Use curl and requests to get cookies correctly, but not with aiohttp (because it uses http.cookies.BaseCookie). Looking at MDN[2] and rfc[3](Thanks tirkarthi), this doesn't seem to be a canonical behavior, But some Java WEB frameworks will produce this behavior (such as the one that caused me to find the problem). This problem can be solved by modifying a regular expression[4], but I don't know if it should be compatible with this non-standard way of writing. English is not my native language; please excuse typing errors. [1] https://github.com/python/cpython/blob/master/Lib/http/cookies.py#L457 [2] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#Directives [3] https://tools.ietf.org/html/rfc6265#section-4.1.1 [4] https://github.com/python/cpython/blob/master/Lib/http/cookies.py#L444

Content

http.cookies.BaseCookie[1] can't parse Expires in this format like Expires=Thu,31 Jan 2019 05:56:00 GMT;(Less space after Thu,).

I encountered this problem in actual use, Chrome, IE and Firefox can parse this string normally. Many languages, such as JavaScript, can also parse this data automatically.

I built a test site using Flask: https://paste.ubuntu.com/p/K7Z4K4KH7Z/, Use curl and requests to get cookies correctly, but not with aiohttp (because it uses http.cookies.BaseCookie).

Looking at MDN[2] and rfc[3](Thanks tirkarthi), this doesn't seem to be a canonical behavior, But some Java WEB frameworks will produce this behavior (such as the one that caused me to find the problem).

This problem can be solved by modifying a regular expression[4], but I don't know if it should be compatible with this non-standard way of writing.

English is not my native language; please excuse typing errors.


[1] https://github.com/python/cpython/blob/master/Lib/http/cookies.py#L457
[2] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#Directives
[3] https://tools.ietf.org/html/rfc6265#section-4.1.1
[4] https://github.com/python/cpython/blob/master/Lib/http/cookies.py#L444

History
Date	User	Action	Args
2019-01-25 03:11:07	MeiK	set	recipients: + MeiK
2019-01-25 03:11:05	MeiK	set	messageid: <1548385865.75.0.22198302427.issue35824@roundup.psfhosted.org>
2019-01-25 03:11:05	MeiK	link	issue35824 messages
2019-01-25 03:11:05	MeiK	create