我正在使用 Pylons 并且遇到了 response.set_cookie 的问题
我认为 Pylons 的一个版本是不同的,但我找不到一种简单的方法来判断我正在运行的版本。在第一个示例中,我相当确定它是 0.9.7 及更高版本,使用 webob 设置 cookie。此环境将 @ 符号设置为 \100。正如您在其他环境中看到的那样,执行完全相同的操作可以正确设置值。如果您需要更多信息,请告诉我任何帮助,我们将不胜感激。
较新版本的 Pylons(我认为)错误地设置了值
response.set_cookie('email', '[email protected]', max_age=3600)
response.headers
ResponseHeaders([('Content-Type', 'text/html; charset=utf-8'), ('Content-Length','0'),
('Pragma', 'no-cache'), ('Cache-Control', 'no-cache'), ('Set-Cookie',
'email="user\\100domain.com"; expires="Fri, 03-Jun-2011 21:07:07 GMT"; Max-Age=3600; Path=/')])
测试环境按正常/预期工作
response.set_cookie('email', '[email protected]', max_age=3600)
response.headers
HeaderDict([('Content-Type', 'text/html; charset=utf-8'), ('Content-Length', '0'),
('Pragma', 'no-cache'), ('Cache-Control', 'no-cache'), ('Set-Cookie',
'[email protected]; expires="Fri, 03-Jun-2011 21:07:35 GMT"; Max-Age=3600; Path=/')])
I am thinking one of the versions of Pylons is different but I could not find an easy way to tell what versions I was running. In the first example I am fairly certain it is 0.9.7 and up using webob to set the cookie. This environment is setting the @ symbol to \100. As you can see in the other environment doing the exact same thing sets the value properly. Any assistance would be appreciated if you need further information let me know.
Newer version of Pylons (I think) setting the value incorrectly
response.set_cookie('email', '[email protected]', max_age=3600)
response.headers
ResponseHeaders([('Content-Type', 'text/html; charset=utf-8'), ('Content-Length','0'),
('Pragma', 'no-cache'), ('Cache-Control', 'no-cache'), ('Set-Cookie',
'email="user\\100domain.com"; expires="Fri, 03-Jun-2011 21:07:07 GMT"; Max-Age=3600; Path=/')])
Test Environment working as normal/expected
response.set_cookie('email', '[email protected]', max_age=3600)
response.headers
HeaderDict([('Content-Type', 'text/html; charset=utf-8'), ('Content-Length', '0'),
('Pragma', 'no-cache'), ('Cache-Control', 'no-cache'), ('Set-Cookie',
'[email protected]; expires="Fri, 03-Jun-2011 21:07:35 GMT"; Max-Age=3600; Path=/')])
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这是因为 webob 版本较新。
pylons 0.9.7 中的 webob 包是 ~0.9.8,它不会转义 cookie 值。
从那时到现在,webob 开始转义这些值,这导致您的“新”版本失败。如果您深入研究 webob 代码库(较新版本),就会发现这种情况发生在 Cookie 的 serialize() 方法中,它确保值被正确转义。旧版本直接设置这些值,并且在序列化时不会转义。
我在 virtualenv 中运行了类似的 0.9.7 设置,因此能够在我的系统上重现此行为。
只要您使用同一版本的方法,它们也应该对请求中的值进行转义,这样事情就应该没问题。
Its because of the newer version of webob.
The webob package in pylons 0.9.7 is ~0.9.8, which does not escape cookie values.
Somewhere between then and now, webob started escaping the values, which is causing your 'new' version to fail. If you dig into the webob codebase (newer version), this is happening in the serialize() method of Cookie where it ensures that the values are escaped properly. The old version was setting these values directly and was not escaping on serializing.
I have a similar setup with 0.9.7 running in virtualenv, so was able to reproduce this behavior on my system.
As far as you use methods from same version, they should also be unescaping the values in request so things should be fine.