Fixed #6764 -- Added some error checking around cookie decoding. Thanks,

Michael Axiak. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7257 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Fixed #6764 -- Added some error checking around cookie decoding. Thanks,
Michael Axiak. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7257 bcc190cf-cafb-0310-a4f2-bffc1f526a37
30bdabb2 · Malcolm Tredinnick · 8defa8fd · 30bdabb2 · 30bdabb2
Kaydet (Commit) 30bdabb2 authored Mar 17, 2008 tarafından Malcolm Tredinnick
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 3 deletions

__init__.py django/http/__init__.py +8 -3

tests.py tests/regressiontests/requests/tests.py +4 -0

No files found.
--- a/django/http/__init__.py
+++ b/django/http/__init__.py
 import os
-from Cookie import SimpleCookie
+from Cookie import SimpleCookie, CookieError
 from pprint import pformat
 from urllib import urlencode
 from urlparse import urljoin
@@ -239,8 +239,13 @@ class QueryDict(MultiValueDict):
 def parse_cookie(cookie):
    if cookie == '':
        return {}
-    c = SimpleCookie()
+    try:
-    c.load(cookie)
+        c = SimpleCookie()
+        c.load(cookie)
+    except CookieError:
+        # Invalid cookie
+        return {}
    cookiedict = {}
    for key in c.keys():
        cookiedict[key] = c.get(key).value

--- a/tests/regressiontests/requests/tests.py
+++ b/tests/regressiontests/requests/tests.py
@@ -31,4 +31,8 @@ GET:{},
 POST:{},
 COOKIES:{},
 META:{}>
+>>> from django.http import parse_cookie
+>>> parse_cookie('invalid:key=true')
+{}
 """