Sanic: Enforce Integer only value for Max-Age Cookie

Created on 2 Jan 2019  路  1Comment  路  Source: sanic-org/sanic

Description

As per the HTTP standard guidelines, Max-Age for a Set-Cookie can only be an integer.

Max-Age= Optional
Number of seconds until the cookie expires. A zero or negative number will expire the cookie
immediately. Older browsers (ie6, ie7, and ie8) do not support max-age. For other browsers, if both > (Expires and Max-Age) are set, Max-Age will have precedence.

Current Cookie class provided by sanic has a fallback catch block that uses any value that you provide to max-age as a valid item and sets it.

Reference

  1. encode method in Cookie class
  2. Community Discussion Thread

Expected Behavior

If you pass a valid interger value to the max-age parameter, it needs to be set. Otherwise, it needs to be defaulted to -1 or 0 causing it to auto expire.

beginner enhancement help wanted
Source
picture harshanarayana
👍1

Most helpful comment

Related test:
https://github.com/huge-success/sanic/blob/cea1547e08230b6ad49eb7777fd8db5335382b7a/tests/test_cookies.py#L141-L156

picture chenjr0719 on 3 Jan 2019
👍2

>All comments

Related test:
https://github.com/huge-success/sanic/blob/cea1547e08230b6ad49eb7777fd8db5335382b7a/tests/test_cookies.py#L141-L156

chenjr0719 picture chenjr0719 on 3 Jan 2019
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

geekpy picture geekpy  路  4Comments
sirex picture sirex  路  4Comments
aiurlano picture aiurlano  路  4Comments
Souldat picture Souldat  路  3Comments
ZeeRoc picture ZeeRoc  路  3Comments