From 274ff3cf5273073b90312d268b3a9bd2bf8f8652 Mon Sep 17 00:00:00 2001 From: richard Date: Fri, 24 Jan 2003 06:21:17 +0000 Subject: [PATCH] - fixed cookie path to use TRACKER_WEB (sf bug 667020) (thanks Luke Opperman for confirming fix) git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@1475 57a73879-2fb5-44c3-a270-3262357dd7e2 --- CHANGES.txt | 2 ++ roundup/cgi/client.py | 18 ++++++++++-------- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/CHANGES.txt b/CHANGES.txt index ab0835c..0731936 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -21,6 +21,8 @@ are given with the most recent entry first. - applied unicode patch. All data is stored in utf-8. Incoming messages converted from any encoding to utf-8, outgoing messages are encoded according to rfc2822 (sf bug 568873) +- fixed cookie path to use TRACKER_WEB (sf bug 667020) (thanks Luke Opperman + for confirming fix) 2003-??-?? 0.5.5 diff --git a/roundup/cgi/client.py b/roundup/cgi/client.py index ce7327f..49c8321 100644 --- a/roundup/cgi/client.py +++ b/roundup/cgi/client.py @@ -1,4 +1,4 @@ -# $Id: client.py,v 1.72 2003-01-20 23:05:19 richard Exp $ +# $Id: client.py,v 1.73 2003-01-24 06:21:17 richard Exp $ __doc__ = """ WWW request handler (also used in the stand-alone server). @@ -89,9 +89,13 @@ class Client: # save off the path self.path = env['PATH_INFO'] - # this is the base URL for this instance + # this is the base URL for this tracker self.base = self.instance.config.TRACKER_WEB + # this is the "cookie path" for this tracker (ie. the path part of + # the "base" url) + self.cookie_path = urlparse.urlparse(self.base)[2] + # see if we need to re-parse the environment for the form (eg Zope) if form is None: self.form = cgi.FieldStorage(environ=env) @@ -480,10 +484,9 @@ class Client: expire = Cookie._getdate(86400*365) # generate the cookie path - make sure it has a trailing '/' - path = '/'.join((self.env['SCRIPT_NAME'], self.env['TRACKER_NAME'], - '')) self.additional_headers['Set-Cookie'] = \ - 'roundup_user_2=%s; expires=%s; Path=%s;'%(self.session, expire, path) + 'roundup_user_2=%s; expires=%s; Path=%s;'%(self.session, expire, + self.cookie_path) def make_user_anonymous(self): ''' Make us anonymous @@ -578,10 +581,9 @@ class Client: # construct the logout cookie now = Cookie._getdate() - path = '/'.join((self.env['SCRIPT_NAME'], self.env['TRACKER_NAME'], - '')) self.additional_headers['Set-Cookie'] = \ - 'roundup_user_2=deleted; Max-Age=0; expires=%s; Path=%s;'%(now, path) + 'roundup_user_2=deleted; Max-Age=0; expires=%s; Path=%s;'%(now, + self.cookie_path) # Let the user know what's going on self.ok_message.append(_('You are logged out')) -- 2.30.2