Pickling/unpickling Cookie.SimpleCookie fails with protocol=2

[Erwin S. Andreasen]

Pickling a Cookie.SimpleCookie (or SmartCookie) when using protocol=2
seems to do something very strange. Protocol 0/1 work fine:

$ python2.4
Python 2.4.2 (#2, Nov 20 2005, 17:04:48)
[GCC 4.0.3 20051111 (prerelease) (Debian 4.0.2-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
<SimpleCookie: hi='there'>

Protocol 2 however:

pickle.loads(pickle.dumps(Cookie.Cookie('hi=there'),2))

pickle.loads(pickle.dumps(Cookie.Cookie('hi=there'),2))['hi'].__dict__

{'coded_value':
'"ccopy_reg\\012_reconstructor\\012p1\\012(cCookie\\012Morsel\\012p2\\012c__builtin__\\012dict\\012p3\\012(dp4\\012S\'comment\'\\012p5\\012S\'\'\\012sS\'domain\'\\012p6\\012S\'\'\\012sS\'version\'\\012p7\\012S\'\'\\012sS\'secure\'\\012p8\\012S\'\'\\012sS\'path\'\\012p9\\012S\'\'\\012sS\'expires\'\\012p10\\012S\'\'\\012sS\'max-age\'\\012p11\\012S\'\'\\012stRp12\\012(dp13\\012S\'coded_value\'\\012p14\\012S\'there\'\\012p15\\012sS\'value\'\\012p16\\012g15\\012sS\'key\'\\012p17\\012S\'hi\'\\012p18\\012sb."',
'value': <Morsel: hi='there'>, 'key': 'hi'}


I can't really say what goes wrong here, but it looks like a bug to me
-- comments? I guess I'll have to go to protocol 0 for this, or not
serialize the cookie but re-parse it on the other side (this pickle
gets passed down a UNIX socket together with the file descriptor of a
request, in a load balancing system).

 

[Paul Rubin]

Pickling a Cookie.SimpleCookie (or SmartCookie) when using protocol=2
seems to do something very strange. Protocol 0/1 work fine:

Don't use SmartCookies because of the security issue. See the docs.

 

[Georg Brandl]

Pickling a Cookie.SimpleCookie (or SmartCookie) when using protocol=2
seems to do something very strange. Protocol 0/1 work fine:

$ python2.4
Python 2.4.2 (#2, Nov 20 2005, 17:04:48)
[GCC 4.0.3 20051111 (prerelease) (Debian 4.0.2-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
<SimpleCookie: hi='there'>

Protocol 2 however:

pickle.loads(pickle.dumps(Cookie.Cookie('hi=there'),2))

pickle.loads(pickle.dumps(Cookie.Cookie('hi=there'),2))['hi'].__dict__

{'coded_value':
'"ccopy_reg\\012_reconstructor\\012p1\\012(cCookie\\012Morsel\\012p2\\012c__builtin__\\012dict\\012p3\\012(dp4\\012S\'comment\'\\012p5\\012S\'\'\\012sS\'domain\'\\012p6\\012S\'\'\\012sS\'version\'\\012p7\\012S\'\'\\012sS\'secure\'\\012p8\\012S\'\'\\012sS\'path\'\\012p9\\012S\'\'\\012sS\'expires\'\\012p10\\012S\'\'\\012sS\'max-age\'\\012p11\\012S\'\'\\012stRp12\\012(dp13\\012S\'coded_value\'\\012p14\\012S\'there\'\\012p15\\012sS\'value\'\\012p16\\012g15\\012sS\'key\'\\012p17\\012S\'hi\'\\012p18\\012sb."',
'value': <Morsel: hi='there'>, 'key': 'hi'}


I can't really say what goes wrong here, but it looks like a bug to me
-- comments? I guess I'll have to go to protocol 0 for this, or not
serialize the cookie but re-parse it on the other side (this pickle
gets passed down a UNIX socket together with the file descriptor of a
request, in a load balancing system).

You can report a bug at SourceForge.

Georg

 

[Erwin S. Andreasen]

Pickling a Cookie.SimpleCookie (or SmartCookie) when using protocol=2
seems to do something very strange. Protocol 0/1 work fine:

Oh well, it seems that it's a well-known bug that has been around for
more than 2 years:

http://sourceforge.net/tracker/index.php?func=detail&aid=826897&group_id=5470&atid=105470

http://sourceforge.net/tracker/index.php?func=detail&aid=964868&group_id=5470&atid=105470