- fixed cookie path to use TRACKER_WEB (sf bug 667020) (thanks Luke Opperman

  for confirming fix)

git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@1475 57a73879-2fb5-44c3-a270-3262357dd7e2

diff --git a/CHANGES.txt b/CHANGES.txt
index ab0835c0ce58bd5f1706dff2b2d3a7a60f4e9388..07319369da97e1fd0e7c049c3f9d2d6e0bd81e84 100644 (file)
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -21,6 +21,8 @@ are given with the most recent entry first.
 - applied unicode patch. All data is stored in utf-8. Incoming messages
   converted from any encoding to utf-8, outgoing messages are encoded 
   according to rfc2822 (sf bug 568873)
+- fixed cookie path to use TRACKER_WEB (sf bug 667020) (thanks Luke Opperman
+  for confirming fix)
 
 
 2003-??-?? 0.5.5

diff --git a/roundup/cgi/client.py b/roundup/cgi/client.py
index ce7327f01ad95ca9124780bd488d5abb5e9be499..49c8321815b15ac5bd95553cebed6b35458c0e90 100644 (file)
--- a/roundup/cgi/client.py
+++ b/roundup/cgi/client.py
@@ -1,4 +1,4 @@
-# $Id: client.py,v 1.72 2003-01-20 23:05:19 richard Exp $
+# $Id: client.py,v 1.73 2003-01-24 06:21:17 richard Exp $
 
 __doc__ = """
 WWW request handler (also used in the stand-alone server).
@@ -89,9 +89,13 @@ class Client:
         # save off the path
         self.path = env['PATH_INFO']
 
-        # this is the base URL for this instance
+        # this is the base URL for this tracker
         self.base = self.instance.config.TRACKER_WEB
 
+        # this is the "cookie path" for this tracker (ie. the path part of
+        # the "base" url)
+        self.cookie_path = urlparse.urlparse(self.base)[2]
+
         # see if we need to re-parse the environment for the form (eg Zope)
         if form is None:
             self.form = cgi.FieldStorage(environ=env)
@@ -480,10 +484,9 @@ class Client:
         expire = Cookie._getdate(86400*365)
 
         # generate the cookie path - make sure it has a trailing '/'
-        path = '/'.join((self.env['SCRIPT_NAME'], self.env['TRACKER_NAME'],
-            ''))
         self.additional_headers['Set-Cookie'] = \
-          'roundup_user_2=%s; expires=%s; Path=%s;'%(self.session, expire, path)
+          'roundup_user_2=%s; expires=%s; Path=%s;'%(self.session, expire,
+            self.cookie_path)
 
     def make_user_anonymous(self):
         ''' Make us anonymous
@@ -578,10 +581,9 @@ class Client:
 
         # construct the logout cookie
         now = Cookie._getdate()
-        path = '/'.join((self.env['SCRIPT_NAME'], self.env['TRACKER_NAME'],
-            ''))
         self.additional_headers['Set-Cookie'] = \
-           'roundup_user_2=deleted; Max-Age=0; expires=%s; Path=%s;'%(now, path)
+           'roundup_user_2=deleted; Max-Age=0; expires=%s; Path=%s;'%(now,
+            self.cookie_path)
 
         # Let the user know what's going on
         self.ok_message.append(_('You are logged out'))