From 4d6f0f26508eea4a16adc4de613777b82701fd31 Mon Sep 17 00:00:00 2001 From: Gary Wilson Jr Date: Sat, 8 Mar 2008 03:31:42 +0000 Subject: [PATCH] Fixed #6657 -- Don't set secure attribute on cookie if `secure=False` is passed, thanks Gulopine. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7204 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- django/http/__init__.py | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/django/http/__init__.py b/django/http/__init__.py index 7a85e20515..941e1ba2b2 100644 --- a/django/http/__init__.py +++ b/django/http/__init__.py @@ -314,12 +314,18 @@ class HttpResponse(object): def get(self, header, alternate): return self._headers.get(header.lower(), (None, alternate))[1] - def set_cookie(self, key, value='', max_age=None, expires=None, path='/', domain=None, secure=None): + def set_cookie(self, key, value='', max_age=None, expires=None, path='/', domain=None, secure=False): self.cookies[key] = value - for var in ('max_age', 'path', 'domain', 'secure', 'expires'): - val = locals()[var] - if val is not None: - self.cookies[key][var.replace('_', '-')] = val + if max_age is not None: + self.cookies[key]['max-age'] = max_age + if expires is not None: + self.cookies[key]['expires'] = expires + if path is not None: + self.cookies[key]['path'] = path + if domain is not None: + self.cookies[key]['domain'] = domain + if secure: + self.cookies[key]['secure'] = True def delete_cookie(self, key, path='/', domain=None): self.set_cookie(key, max_age=0, path=path, domain=domain,