bpo-34911: Added support for secure websocket cookies (GH-9734) · python/cpython@4c33997 (original) (raw)

`@@ -984,6 +984,61 @@ def test_secure(self):

`

984

984

`c._cookies["www.acme.com"]["/"]["foo2"].secure,

`

985

985

`"secure cookie registered non-secure")

`

986

986

``

``

987

`+

def test_secure_block(self):

`

``

988

`+

pol = DefaultCookiePolicy()

`

``

989

`+

c = CookieJar(policy=pol)

`

``

990

+

``

991

`+

headers = ["Set-Cookie: session=narf; secure; path=/"]

`

``

992

`+

req = urllib.request.Request("https://www.acme.com/")

`

``

993

`+

res = FakeResponse(headers, "https://www.acme.com/")

`

``

994

`+

c.extract_cookies(res, req)

`

``

995

`+

self.assertEqual(len(c), 1)

`

``

996

+

``

997

`+

req = urllib.request.Request("https://www.acme.com/")

`

``

998

`+

c.add_cookie_header(req)

`

``

999

`+

self.assertTrue(req.has_header("Cookie"))

`

``

1000

+

``

1001

`+

req = urllib.request.Request("http://www.acme.com/")

`

``

1002

`+

c.add_cookie_header(req)

`

``

1003

`+

self.assertFalse(req.has_header("Cookie"))

`

``

1004

+

``

1005

`+

secure websocket protocol

`

``

1006

`+

req = urllib.request.Request("wss://www.acme.com/")

`

``

1007

`+

c.add_cookie_header(req)

`

``

1008

`+

self.assertTrue(req.has_header("Cookie"))

`

``

1009

+

``

1010

`+

non-secure websocket protocol

`

``

1011

`+

req = urllib.request.Request("ws://www.acme.com/")

`

``

1012

`+

c.add_cookie_header(req)

`

``

1013

`+

self.assertFalse(req.has_header("Cookie"))

`

``

1014

+

``

1015

`+

def test_custom_secure_protocols(self):

`

``

1016

`+

pol = DefaultCookiePolicy(secure_protocols=["foos"])

`

``

1017

`+

c = CookieJar(policy=pol)

`

``

1018

+

``

1019

`+

headers = ["Set-Cookie: session=narf; secure; path=/"]

`

``

1020

`+

req = urllib.request.Request("https://www.acme.com/")

`

``

1021

`+

res = FakeResponse(headers, "https://www.acme.com/")

`

``

1022

`+

c.extract_cookies(res, req)

`

``

1023

`+

self.assertEqual(len(c), 1)

`

``

1024

+

``

1025

`+

test https removed from secure protocol list

`

``

1026

`+

req = urllib.request.Request("https://www.acme.com/")

`

``

1027

`+

c.add_cookie_header(req)

`

``

1028

`+

self.assertFalse(req.has_header("Cookie"))

`

``

1029

+

``

1030

`+

req = urllib.request.Request("http://www.acme.com/")

`

``

1031

`+

c.add_cookie_header(req)

`

``

1032

`+

self.assertFalse(req.has_header("Cookie"))

`

``

1033

+

``

1034

`+

req = urllib.request.Request("foos://www.acme.com/")

`

``

1035

`+

c.add_cookie_header(req)

`

``

1036

`+

self.assertTrue(req.has_header("Cookie"))

`

``

1037

+

``

1038

`+

req = urllib.request.Request("foo://www.acme.com/")

`

``

1039

`+

c.add_cookie_header(req)

`

``

1040

`+

self.assertFalse(req.has_header("Cookie"))

`

``

1041

+

987

1042

`def test_quote_cookie_value(self):

`

988

1043

`c = CookieJar(policy=DefaultCookiePolicy(rfc2965=True))

`

989

1044

`interact_2965(c, "http://www.acme.com/", r'foo=\b"a"r; Version=1')

`