fedora-accounts website.py,1.12,1.13

Toshio Ernie Kuratomi (toshio) fedora-extras-commits at redhat.com
Thu Sep 6 23:00:08 UTC 2007 

Author: toshio

Update of /cvs/fedora/fedora-accounts
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1551

Modified Files:
	website.py 
Log Message:
Make cookie handling more secure.



Index: website.py
===================================================================
RCS file: /cvs/fedora/fedora-accounts/website.py,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- website.py	9 Aug 2007 03:31:11 -0000	1.12
+++ website.py	6 Sep 2007 23:00:06 -0000	1.13
@@ -243,13 +243,19 @@
         return
     return arow
 
-def set_auth(username='', password=''):
-    c = Cookie.SmartCookie()
+def set_auth(username=None, password=None):
+    if not username:
+        username = ''
+    if not password:
+        password = ''
+    c = Cookie.SimpleCookie()
     c.load(os.environ.get('HTTP_COOKIE', ''))
     if c.has_key('auth_username'):
         c['auth_username'] = username
+        c['auth_username']['secure'] = True
     if c.has_key('auth_password'):
         c['auth_password'] = password
+        c['auth_password']['secure'] = True
     if c:
         print c
     return c
@@ -286,7 +292,9 @@
             del c['auth_password']
     else:
         c['auth_username'] = auth_username
+        c['auth_username']['secure'] = True
         c['auth_password'] = auth_password
+        c['auth_password']['secure'] = True
     print c
     return auth_username, auth_password

More information about the fedora-extras-commits mailing list