11.17 Cookie -- HTTP state management

The Cookie module defines classes for abstracting the concept of cookies, an HTTP state management mechanism. It supports simple string-only cookies and also provides an abstraction for using any serializable data type as a cookie value.

The module formerly applied the parsing rules described in the RFC 2109 and RFC 2068 specifications strictly. It has since been discovered that MSIE 3.0x doesn't follow the character rules outlined in those specs. As a result, the parsing rules used are a bit less strict.

CookieError
Exception failing because of RFC 2109 invalidity: incorrect attributes, incorrect Set-Cookie header, etc.

BaseCookie ([input])
This class is a dictionary-like object whose keys are strings and whose values are Morsels. Note that upon setting a key to a value, the value is first converted to a Morsel containing the key and the value.

If input is given, it is passed to the load method.

SimpleCookie ([input])
This class derives from BaseCookie and overrides value_decode and value_encode to be the identity and str() respectively.

SerialCookie ([input])
This class derives from BaseCookie and overrides value_decode and value_encode to be pickle.loads() and pickle.dumps() respectively.

Do not use this class. Reading pickled values from a cookie is a security hole: the cookie value comes from the client, and pickle.loads() can run arbitrary code while unpickling it. It is supported for backwards compatibility.

SmartCookie ([input])
This class derives from BaseCookie. It overrides value_decode to be pickle.loads() if it is a valid pickle, and otherwise the value itself. It overrides value_encode to be pickle.dumps() unless it is a string, in which case it returns the value itself.

The same security warning from SerialCookie applies here.
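A safer way to keep structured data in a cookie than SerialCookie or SmartCookie, shown as an added example that is not part of the original module documentation: a BaseCookie subclass that overrides value_encode and value_decode with JSON plus an HMAC tag. It assumes Python 3, where this module is named http.cookies; SignedJSONCookie, SECRET_KEY, issue and read are hypothetical names, and the key is a constructed sample value.

```python
import base64, hashlib, hmac, json
from http.cookies import BaseCookie, CookieError  # Python 3 name of this module

SECRET_KEY = b"constructed-demo-key"  # assumption: a secret kept on the server


def _tag(payload):
    return hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).hexdigest()


class SignedJSONCookie(BaseCookie):
    """Hypothetical subclass: JSON values authenticated with HMAC-SHA256."""

    def value_encode(self, val):
        # JSON only describes data, so decoding it never runs code.
        raw = json.dumps(val, sort_keys=True).encode()
        payload = base64.urlsafe_b64encode(raw).decode()
        return val, payload + "." + _tag(payload)

    def value_decode(self, val):
        payload, sep, tag = val.partition(".")
        # Verify the tag before decoding; compare as bytes in constant time.
        if not sep or not hmac.compare_digest(tag.encode(), _tag(payload).encode()):
            raise CookieError("cookie signature mismatch")
        return json.loads(base64.urlsafe_b64decode(payload)), val


def issue(data):
    """Return the name=value string a server would send for `data`."""
    cookie = SignedJSONCookie()
    cookie["session"] = data
    return cookie["session"].OutputString()


def read(header):
    """Parse a Cookie header; return the data, or None if forged or altered."""
    cookie = SignedJSONCookie()
    try:
        cookie.load(header)
    except CookieError:
        return None
    return cookie["session"].value if "session" in cookie else None
```

The tag gives integrity only: the client can still read the JSON payload, so secrets do not belong in it.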

See Also:

RFC 2109, HTTP State Management Mechanism
This is the state management specification implemented by this module.

