Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #97975

Re: working with cookies

From Denis McMahon <denismfmcmahon@gmail.com>
Newsgroups comp.lang.python
Subject Re: working with cookies
Date 2015-10-28 08:25 +0000
Organization A noiseless patient Spider
Message-ID <n0q0ov$gup$2@dont-email.me> (permalink)
References (2 earlier) <f4e741a7-f47d-457a-babb-d98d15c9aba3@googlegroups.com> <n0mc3q$o3j$1@reader1.panix.com> <f55b1ed4-7dcf-47e9-906b-085d72b98f92@googlegroups.com> <n0mko7$khp$1@reader1.panix.com> <6906a71b-b3bd-4643-84d5-393cb66c2c7d@googlegroups.com>

Show all headers | View raw

On Tue, 27 Oct 2015 05:11:01 -0700, Jeremy Leonard wrote:

> I haven't learned how to do that yet. I see in the documentation for
> Python that there is a Cookie Jar class, but that seems to be more on
> the client side (unless I am reading it incorrectly). I'm looking for
> help in learning how to do that.

Note that controlling what browsers do with cookies isn't always simple 
or easy.

In theory, if you don't set an explicit expiry on a cookie the browser 
should forget it when the browser closes. In other cases, the browser 
should delete the cookie when the expiry time passes.

However, my experience has taught me that stale cookies may get 
presented, and browsers may forget about cookies you think shouldn't have 
expired.

At the end of the day, a cookie is a fragment of data that you are 
placing in the control of your website visitors, never forget that. 
Rather than storing server side data in the cookie, use the cookie as a 
key to the server side data (ie as a session identifier), and generate 
the cookie value in a way that makes session hijacking by manipulating 
the cookie value difficult (your cookie value range needs a few more 
orders of magnitude than your maximum simultaneous user sessions value).

-- 
Denis McMahon, denismfmcmahon@gmail.com

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

working with cookies Jeremy Leonard <jrmy.lnrd@gmail.com> - 2015-10-26 12:26 -0700
  Re: working with cookies John Gordon <gordon@panix.com> - 2015-10-26 20:16 +0000
    Re: working with cookies Jeremy Leonard <jrmy.lnrd@gmail.com> - 2015-10-26 15:57 -0700
      Re: working with cookies John Gordon <gordon@panix.com> - 2015-10-26 23:14 +0000
        Re: working with cookies Jeremy Leonard <jrmy.lnrd@gmail.com> - 2015-10-26 17:30 -0700
          Re: working with cookies John Gordon <gordon@panix.com> - 2015-10-27 01:41 +0000
            Re: working with cookies Jeremy Leonard <jrmy.lnrd@gmail.com> - 2015-10-27 05:11 -0700
              Re: working with cookies Denis McMahon <denismfmcmahon@gmail.com> - 2015-10-28 08:25 +0000
                Re: working with cookies Jeremy Leonard <jrmy.lnrd@gmail.com> - 2015-10-28 12:31 -0700
                Re: working with cookies John Gordon <gordon@panix.com> - 2015-10-28 19:47 +0000

csiph-web