1.1.7.4. gnr.web.gnrcookie¶
Last page update: November 23, 2011
Classes:
External methods:
Complete reference:
1.1.7.4.2. MarshalCookie¶
1.1.7.4.3. SignedCookie¶
1.1.7.4.4. External methods¶
These methods don’t belong to any class.
1.1.7.4.5. gnr.web.gnrcookie - The complete reference list¶
This module contains classes to support HTTP State Management Mechanism, also known as Cookies. The classes provide simple ways for creating, parsing and digitally signing cookies, as well as the ability to store simple Python objects in Cookies (using marshalling).
The behaviour of the classes is designed to be most useful within mod_python applications.
The current state of HTTP State Management standardization is rather unclear. It appears that the de-facto standard is the original Netscape specification, even though already two RFC’s have been put out (RFC2109 (1997) and RFC2965 (2000)). The RFC’s add a couple of useful features (e.g. using Max-Age instead of Expires, but my limited tests show that Max-Age is ignored by the two browsers tested (IE and Safari). As a result of this, perhaps trying to be RFC-compliant (by automatically providing Max-Age and Version) could be a waste of cookie space...
This class implements the basic Cookie functionality. Note that unlike the Python Standard Library Cookie class, this class represents a single cookie (not a list of Morsels).
Parse a Cookie or Set-Cookie header value, and return a dict of Cookies. Note: the string should NOT include the header name, only the value.
Parameters: - Class – TODO
- str – TODO
- secret – TODO.
Returns: a dict of Cookies
This is a variation of SignedCookie that can store more than just strings. It will automatically marshal the cookie value, therefore any marshallable object can be used as value.
The standard library Cookie module provides the ability to pickle data, which is a major security problem. It is believed that unmarshalling (as opposed to unpickling) is safe, yet we still err on the side of caution which is why this class is a subclass of SignedCooke making sure what we are about to unmarshal passes the digital signature test.
Here is a link to a sugesstion that marshalling is safer than unpickling http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=7xn0hcugmy.fsf%40ruckus.brouhaha.com
TODO
Parse Class: TODO Parse s: TODO Parse secret: TODO Parse mismatch: TODO. Default valus is Cookie.DOWNGRADE Returns: TODO
TODO
Parameters: secret – TODO
This is a variation of Cookie that provides automatic cryptographic signing of cookies and verification. It uses the HMAC support in the Python standard library. This ensures that the cookie has not been tampered with the client side.
Note that this class does not encrypt cookie data, thus it is still plainly visible as part of the cookie.
TODO
Parameters: str – TODO Returns: TODO
TODO
Parameters: - Class – TODO
- s – TODO
- secret – TODO
- mismatch – TODO. Default valus is Cookie.DOWNGRADE
Returns: TODO
TODO
Parameters: secret – TODO
Set a cookie in outgoing headers and add a cache directive so that caches don’t cache the cookie
Parameters: - res – TODO
- cookie – TODO
- value – TODO. Default value is ""
TODO
Parameters: - req – TODO
- name – TODO
- Class – TODO. Default valus is Cookie
Returns: TODO
A shorthand for retrieveing and parsing cookies given a Cookie class. The class must be one of the classes from this module.
Parameters: - req – TODO
- Class – TODO. Default value is Cookie
Returns: TODO
Table Of Contents
Previous topic
1.1.7.3. gnr.web.gnrbaseclasses
Next topic
1.1.7.5. gnr.web.gnrwebpage - Webpages