Opened 17 years ago
Closed 13 years ago
#5636 closed defect (duplicate)
unicode encoding error in cookie
| Reported by: | Owned by: | Christian Boos | |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | web frontend | Version: | devel |
| Severity: | normal | Keywords: | unicode cookie |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
I ran into a situation where the cookie was unicode but the rest of the code expected a str; the following made it go away:
-
trac/web/api.py
505 505 506 506 cookies = self.outcookie.output(header='') 507 507 for cookie in cookies.splitlines(): 508 self._outheaders.append(('Set-Cookie', cookie.strip()))508 self._outheaders.append(('Set-Cookie', str(cookie.strip()))) 509 509 510 510 511 511 class IAuthenticator(Interface):
Attachments (4)
Change History (15)
comment:1 by , 17 years ago
follow-up: 3 comment:2 by , 17 years ago
| Keywords: | unicode cookie added |
|---|---|
| Owner: | changed from to |
It would probably be worth investigating how a unicode value could get in.
Also, str() conversion is not robust in case that unicode value contains anything else than 'ascii' characters, on most systems.
follow-up: 4 comment:3 by , 17 years ago
Replying to cboos:
It would probably be worth investigating how a unicode value could get in.
Definitely. But I don't know where to start. Frankly I'm not even 100% positive that it was unicode and not, say, an int. If you have specific tests you'd like me to run, I can try to do that.
Also,
str()conversion is not robust in case that unicode value contains anything else than 'ascii' characters, on most systems.
I know. Maybe I should be using something from urlencode?
comment:4 by , 17 years ago
Replying to Dave Abrahams <dave@boost-consulting.com>:
Replying to cboos:
It would probably be worth investigating how a unicode value could get in.
Definitely. But I don't know where to start. Frankly I'm not even 100% positive that it was unicode and not, say, an
int. If you have specific tests you'd like me to run, I can try to do that.
Me neither ;-) Add some more debugging info?
Also,
str()conversion is not robust in case that unicode value contains anything else than 'ascii' characters, on most systems.I know. Maybe I should be using something from urlencode?
The brute force way would be to_unicode(...).encode('utf-8').
comment:5 by , 17 years ago
| Milestone: | 0.11 → 0.11.1 |
|---|
nobody else noticed it … maybe its save to leave it until 0.11.1 … also seems to be no degression.
by , 17 years ago
| Attachment: | assertion.html added |
|---|
Assertion error screen produced by fastcgi when this patch is needed
by , 17 years ago
| Attachment: | assertion.2.html added |
|---|
Correction: Assertion error screen produced by fastcgi when this patch is needed
follow-up: 7 comment:6 by , 17 years ago
Can you try this patch?
-
trac/web/api.py
122 122 self._strict_set(key, real_value, coded_value) 123 123 except CookieError: 124 124 self.bad_cookies.append(key) 125 dict.__setitem__(self, key, None)125 dict.__setitem__(self, key, '') 126 126 127 127 128 128 class Request(object):
comment:8 by , 17 years ago
Replying to Dave Abrahams <dave@boost-consulting.com>:
Replying to cboos:
Can you try this patch?
Seems to work!
I take it back; still broken. See login.html and logout.html
follow-up: 10 comment:9 by , 17 years ago
Well, perhaps could you add some tracing in that Cookie class in order to see what's really going on?
comment:10 by , 17 years ago
Replying to cboos:
Well, perhaps could you add some tracing in that Cookie class in order to see what's really going on?
I'm happy to try specific patches you suggest and let you know the output, but I can't afford to try to figure out what to trace by myself.
comment:11 by , 13 years ago
| Component: | general → web frontend |
|---|---|
| Milestone: | next-minor-0.12.x |
| Resolution: | → duplicate |
| Status: | new → closed |
The specific error was: