New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Switch to a more lenient cookie parsing method #900
Conversation
Also, for reference, here's the latest spec I have found, RFC 6265, which obsoletes the prior spec. This document offers the following parsing syntax:
According to this spec, the Starlette cookie parser (and Python's |
I also found a related discussion in Tornado, where they also copied what Django is doing after finding that |
29d0a28
to
6b971d5
Compare
I can add all of the tests they used in Tornado as well, which should give pretty broad coverage of various scenarios. |
I have a working version of cookie parsing which will pass all of these tests. I am stuck on mypy telling me the following:
We have two options here, I believe:
I will wait to commit and push what I have until feedback from the maintainers on proceeding with this PR. I believe we have a pretty comprehensive perspective on what other major Python projects are doing in this area and what the typical path is and so I think this is the right approach for Starlette. Feedback welcome. |
I decided to push my changes so they can be compared with other solutions. I would appreciate resolving this in Starlette, so we can pull our own custom cookie-parsing out of our projects. Let me know what you think. |
I can't reproduce this failing test locally and it's unrelated to any modules that I modified. Any suggestions? |
Seems great yup! I'll have to look into the failing database test separately. |
Seems good to merge, right? (Or did I misunderstand something?) |
Yes, I thought it was ready but that failing test really threw me off! If you're sure it's unrelated, then I think it's ready to merge. (This PR closes #898) |
This PR is for issue #898, requesting a more lenient cookie-parsing technique for Starlette. @tomchristie requested a failing test to start, so that's what has been included here. I reused the example from my issue. Happy to modify or update as desired by the maintainers.