Fixed #6764 -- Added some error checking around cookie decoding. Thanks,

Michael Axiak.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7257 bcc190cf-cafb-0310-a4f2-bffc1f526a37

django/http/__init__.py

@@ -1,5 +1,5 @@
 import os
-from Cookie import SimpleCookie
+from Cookie import SimpleCookie, CookieError
 from pprint import pformat
 from urllib import urlencode
 from urlparse import urljoin
@@ -239,8 +239,13 @@ class QueryDict(MultiValueDict):
 def parse_cookie(cookie):
     if cookie == '':
         return {}
-    c = SimpleCookie()
+    try:
-    c.load(cookie)
+        c = SimpleCookie()
+        c.load(cookie)
+    except CookieError:
+        # Invalid cookie
+        return {}
+
     cookiedict = {}
     for key in c.keys():
         cookiedict[key] = c.get(key).value

tests/regressiontests/requests/tests.py

@@ -31,4 +31,8 @@ GET:{},
 POST:{},
 COOKIES:{},
 META:{}>
+
+>>> from django.http import parse_cookie
+>>> parse_cookie('invalid:key=true')
+{}
 """