Fixed #6657 -- Don't set secure attribute on cookie if `secure=False` is passed, thanks Gulopine.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@7204 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Gary Wilson Jr 2008-03-08 03:31:42 +00:00
parent 444b7b2849
commit 4d6f0f2650
1 changed files with 11 additions and 5 deletions

View File

@ -314,12 +314,18 @@ class HttpResponse(object):
def get(self, header, alternate): def get(self, header, alternate):
return self._headers.get(header.lower(), (None, alternate))[1] return self._headers.get(header.lower(), (None, alternate))[1]
def set_cookie(self, key, value='', max_age=None, expires=None, path='/', domain=None, secure=None): def set_cookie(self, key, value='', max_age=None, expires=None, path='/', domain=None, secure=False):
self.cookies[key] = value self.cookies[key] = value
for var in ('max_age', 'path', 'domain', 'secure', 'expires'): if max_age is not None:
val = locals()[var] self.cookies[key]['max-age'] = max_age
if val is not None: if expires is not None:
self.cookies[key][var.replace('_', '-')] = val self.cookies[key]['expires'] = expires
if path is not None:
self.cookies[key]['path'] = path
if domain is not None:
self.cookies[key]['domain'] = domain
if secure:
self.cookies[key]['secure'] = True
def delete_cookie(self, key, path='/', domain=None): def delete_cookie(self, key, path='/', domain=None):
self.set_cookie(key, max_age=0, path=path, domain=domain, self.set_cookie(key, max_age=0, path=path, domain=domain,