Beispiel #1
    def _BaseCookie__ParseString(self, str, patt=cookies._CookiePattern):
        """Parse a raw cookie string, skipping cookies that cannot be stored.

        The string is scanned with ``patt``; each match yields a ``key`` and
        a ``val`` group.  ``$``-prefixed keys and reserved attribute names are
        attached to the most recently stored morsel, anything else becomes a
        new cookie.  A ``cookies.CookieError`` raised for one pair is
        swallowed (attributes) or logged (cookies), so a single malformed
        pair does not stop the rest of the header from being parsed.

        :param str: raw cookie string, normally taken from a request header.
        :param patt: compiled pattern exposing ``key`` and ``val`` groups.
        """
        pos = 0             # offset at which the next search starts
        end = len(str)
        morsel = None       # last cookie that was stored successfully

        while 0 <= pos < end:
            found = patt.search(str, pos)
            if not found:
                break       # nothing cookie-like is left

            key = found.group("key")
            raw = found.group("val")
            pos = found.end(0)

            if key[0] == "$":
                # Attributes about the cookie mechanism itself (RFC 2109)
                # are only kept when there is a morsel to attach them to.
                if morsel:
                    try:
                        morsel[key[1:]] = raw
                    except cookies.CookieError:
                        # Unknown attribute name: deliberately ignored.
                        pass
                continue

            if key.lower() in cookies.Morsel._reserved:
                if morsel:
                    morsel[key] = cookies._unquote(raw)
                continue

            real, coded = self.value_decode(raw)
            try:
                self._BaseCookie__set(key, real, coded)
                morsel = self[key]
            except cookies.CookieError as err:
                # The input is request data; the rejected pair is reported
                # through eventlog and parsing carries on.
                eventlog.warning(err)
Beispiel #2
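    def __ParseString(self, str, patt=Cookie._CookiePattern):
        """Parse a cookie string whose values carry a trailing HMAC signature.

        For every ordinary ``key=value`` pair the last ``SIG_LEN`` characters
        of the unquoted value are base64-decoded and compared with an HMAC
        computed over the remaining text, keyed with ``self.key + K`` and
        using ``sha256``.  Only the text before the signature is stored as
        the cookie's value.

        ``$``-prefixed keys and reserved attribute names are attached to the
        most recently accepted morsel; those branches perform no signature
        check on the attribute value.

        :param str: raw cookie string, normally taken from a request header.
        :param patt: compiled pattern exposing ``key`` and ``val`` groups.
        :raises BadSignatureError: if the signature cannot be decoded or
            does not match the expected HMAC.
        """
        i = 0  # Our starting point
        n = len(str)  # Length of string
        M = None  # current morsel

        while 0 <= i < n:
            # Start looking for a cookie
            match = patt.search(str, i)
            if not match:
                break  # No more cookies

            K, V = match.group("key"), match.group("val")
            i = match.end(0)

            # Parse the key, value in case it's metainfo
            if K[0] == "$":
                # We ignore attributes which pertain to the cookie
                # mechanism as a whole.  See RFC 2109.
                # (Does anyone care?)
                if M:
                    M[K[1:]] = V
            elif K.lower() in Cookie.Morsel._reserved:
                if M:
                    M[K] = Cookie._unquote(V)
            else:
                # NOTE(review): this pattern check has no effect; a value
                # that does not match SIG_PATTERN is still processed and is
                # rejected only by the decode/HMAC checks below.  Confirm
                # whether an early rejection was intended.
                if not SIG_PATTERN.search(V):
                    pass
                uval = Cookie._unquote(V)
                real_val = uval[:-SIG_LEN]
                try:
                    sig = b64decode(uval[-SIG_LEN:])
                except TypeError:
                    # Incorrect padding
                    raise BadSignatureError("Bad signature for cookie '%s'" %
                                            K)
                expected = hmac.new(self.key + K, real_val, sha256).digest()
                # Compare in constant time: an ordinary != returns at the
                # first differing byte, which can leak through response
                # timing how much of a forged signature was correct.
                # hmac.compare_digest needs Python 2.7.7+ / 3.3+.
                if not hmac.compare_digest(sig, expected):
                    raise BadSignatureError("Bad signature for cookie '%s'" %
                                            K)
                self._BaseCookie__set(K, real_val, V)
                M = self[K]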
Beispiel #3
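    def __ParseString(self, str, patt=Cookie._CookiePattern):
        """Parse a cookie string and verify the signature on each value.

        An ordinary ``key=value`` pair is accepted only if the last
        ``SIG_LEN`` characters of its unquoted value base64-decode to the
        HMAC of the preceding text, keyed with ``self.key + K`` and using
        ``sha256``.  The stored value is that preceding text; the coded
        value is the original ``V``.

        ``$``-prefixed keys and reserved attribute names are applied to the
        most recently accepted morsel without any signature check.

        :param str: raw cookie string, normally taken from a request header.
        :param patt: compiled pattern exposing ``key`` and ``val`` groups.
        :raises BadSignatureError: if the signature cannot be decoded or
            does not match the expected HMAC.
        """
        i = 0  # Our starting point
        n = len(str)  # Length of string
        M = None  # current morsel

        while 0 <= i < n:
            # Start looking for a cookie
            match = patt.search(str, i)
            if not match:
                break  # No more cookies

            K, V = match.group("key"), match.group("val")
            i = match.end(0)

            # Parse the key, value in case it's metainfo
            if K[0] == "$":
                # We ignore attributes which pertain to the cookie
                # mechanism as a whole.  See RFC 2109.
                # (Does anyone care?)
                if M:
                    M[K[1:]] = V
            elif K.lower() in Cookie.Morsel._reserved:
                if M:
                    M[K] = Cookie._unquote(V)
            else:
                # NOTE(review): the result of this pattern check is unused;
                # rejection of unsigned values relies entirely on the
                # decode/HMAC checks below.  Confirm the intent.
                if not SIG_PATTERN.search(V):
                    pass
                uval = Cookie._unquote(V)
                real_val = uval[:-SIG_LEN]
                try:
                    sig = b64decode(uval[-SIG_LEN:])
                except TypeError:
                    # Incorrect padding
                    raise BadSignatureError("Bad signature for cookie '%s'" % K)
                expected = hmac.new(self.key + K, real_val, sha256).digest()
                # Constant-time comparison, so the time taken to reject a
                # forged signature does not depend on how many leading
                # bytes were correct.  Needs Python 2.7.7+ / 3.3+.
                if not hmac.compare_digest(sig, expected):
                    raise BadSignatureError("Bad signature for cookie '%s'" % K)
                self._BaseCookie__set(K, real_val, V)
                M = self[K]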
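    def deserialize(self, name, value, max_age=None):
        """Deserializes a signed cookie value.

        The unquoted value is expected to have three ``|``-separated parts:
        payload, timestamp and signature.  The signature is checked before
        the timestamp or the payload is interpreted.

        :param name:
            Cookie name.
        :param value:
            A cookie value to be deserialized.
        :param max_age:
            Maximum age in seconds for a valid cookie. If the cookie is older
            than this, returns None.
        :returns:
            The deserialized secure cookie, or None if it is not valid
            (empty, wrong number of parts, bad signature, unparsable
            timestamp, expired, or payload that fails to decode).
        """
        if not value:
            return None

        # Unquote for old WebOb.
        value = Cookie._unquote(value)

        parts = value.split('|')
        if len(parts) != 3:
            return None

        signature = self._get_signature(name, parts[0], parts[1])

        # NOTE(review): security.compare_hashes is presumably a
        # constant-time comparison; confirm against its definition.
        if not security.compare_hashes(parts[2], signature):
            logging.warning('Invalid cookie signature %r', value)
            return None

        if max_age is not None:
            # The timestamp is covered by the signature, but a non-numeric
            # one must still yield None, as the docstring promises, rather
            # than an uncaught ValueError.
            try:
                timestamp = int(parts[1])
            except ValueError:
                logging.warning('Invalid cookie timestamp %r', parts[1])
                return None
            if timestamp < self._get_timestamp() - max_age:
                # NOTE(review): this writes a cookie with a valid signature
                # to the log; consider logging only the name or timestamp.
                logging.warning('Expired cookie %r', value)
                return None

        try:
            return self._decode(parts[0])
        except Exception:
            # Best effort: any decoding failure means "not a valid cookie".
            logging.warning('Cookie value failed to be decoded: %r', parts[0])
            return None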
Beispiel #5
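    def deserialize(self, name, value, max_age=None):
        """Deserializes a signed cookie value.

        The unquoted value is expected to have three ``|``-separated parts:
        payload, timestamp and signature.  The signature is checked before
        the timestamp or the payload is interpreted.

        :param name:
            Cookie name.
        :param value:
            A cookie value to be deserialized.
        :param max_age:
            Maximum age in seconds for a valid cookie. If the cookie is older
            than this, returns None.
        :returns:
            The deserialized secure cookie, or None if it is not valid
            (empty, wrong number of parts, bad signature, unparsable
            timestamp, expired, or payload that fails to decode).
        """
        if not value:
            return None

        # Unquote for old WebOb.
        value = Cookie._unquote(value)

        parts = value.split('|')
        if len(parts) != 3:
            return None

        signature = self._get_signature(name, parts[0], parts[1])

        # NOTE(review): security.compare_hashes is presumably a
        # constant-time comparison; confirm against its definition.
        if not security.compare_hashes(parts[2], signature):
            logging.warning('Invalid cookie signature %r', value)
            return None

        if max_age is not None:
            # The timestamp is covered by the signature, but a non-numeric
            # one must still yield None, as the docstring promises, rather
            # than an uncaught ValueError.
            try:
                timestamp = int(parts[1])
            except ValueError:
                logging.warning('Invalid cookie timestamp %r', parts[1])
                return None
            if timestamp < self._get_timestamp() - max_age:
                # NOTE(review): this writes a cookie with a valid signature
                # to the log; consider logging only the name or timestamp.
                logging.warning('Expired cookie %r', value)
                return None

        try:
            return self._decode(parts[0])
        except Exception:
            # Best effort: any decoding failure means "not a valid cookie".
            logging.warning('Cookie value failed to be decoded: %r', parts[0])
            return None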
Beispiel #6
 def cookie_decode(self, val):
     """Unquote a cookie value, decrypt it and strip surrounding whitespace.

     :param val: quoted cookie value as received.
     :returns: the result of ``self.cipher.decrypt`` with leading and
         trailing whitespace removed.
     """
     # NOTE(review): no integrity check is visible here; unless
     # self.cipher authenticates the ciphertext, a tampered cookie is
     # decrypted and returned like any other.  Confirm the cipher mode.
     decrypt = self.cipher.decrypt
     unquoted = Cookie._unquote(val)
     plaintext = decrypt(unquoted)
     return plaintext.strip()
Beispiel #7
 def cookie_decode(self, val):
     """Return the decrypted, whitespace-stripped form of a cookie value.

     :param val: quoted cookie value as received.
     :returns: ``self.cipher.decrypt`` applied to the unquoted value, with
         leading and trailing whitespace removed.
     """
     # NOTE(review): decryption is the only step shown; whether the
     # ciphertext is authenticated depends on self.cipher, which is not
     # visible here.  Verify before trusting the returned value.
     decrypt = self.cipher.decrypt
     ciphertext = Cookie._unquote(val)
     decrypted = decrypt(ciphertext)
     return decrypted.strip()