Remove support for cookies set by pre-1.0 releases of Tornado.

author Ben Darnell <ben@bendarnell.com>

Mon, 27 Jun 2011 01:32:41 +0000 (18:32 -0700)

committer Ben Darnell <ben@bendarnell.com>

Mon, 27 Jun 2011 01:32:41 +0000 (18:32 -0700)
author Ben Darnell <ben@bendarnell.com>
Mon, 27 Jun 2011 01:32:41 +0000 (18:32 -0700)
committer Ben Darnell <ben@bendarnell.com>
Mon, 27 Jun 2011 01:32:41 +0000 (18:32 -0700)
diff --git a/tornado/web.py b/tornado/web.py

index 821af91e8ebb361bdc262c9694397799a321401d..485f29205724700f5480109aee0478d347b713a6 100644 (file)
--- a/tornado/web.py
+++ b/tornado/web.py
@@ -370,25 +370,13 @@ class RequestHandler(object):
          value = b("|").join([value, timestamp, signature])
          return value
  
-    def get_secure_cookie(self, name, include_name=True, value=None,
-                          max_age_days=31):
-        """Returns the given signed cookie if it validates, or None.
-
-        In older versions of Tornado (0.1 and 0.2), we did not include the
-        name of the cookie in the cookie signature. To read these old-style
-        cookies, pass include_name=False to this method. Otherwise, all
-        attempts to read old-style cookies will fail (and you may log all
-        your users out whose cookies were written with a previous Tornado
-        version).
-        """
+    def get_secure_cookie(self, name, value=None, max_age_days=31):
+        """Returns the given signed cookie if it validates, or None."""
          if value is None: value = self.get_cookie(name)
          if not value: return None
          parts = utf8(value).split(b("|"))
          if len(parts) != 3: return None
-        if include_name:
-            signature = self._cookie_signature(name, parts[0], parts[1])
-        else:
-            signature = self._cookie_signature(parts[0], parts[1])
+        signature = self._cookie_signature(name, parts[0], parts[1])
          if not _time_independent_equals(parts[2], signature):
              logging.warning("Invalid cookie signature %r", value)
              return None
diff --git a/website/sphinx/releases/next.rst b/website/sphinx/releases/next.rst

index b97b0fb23dddb123060e2673add5eaa2b846bcf3..22735cd3da3b69a97bd09bd82fd7e1c1b1620244 100644 (file)
--- a/website/sphinx/releases/next.rst
+++ b/website/sphinx/releases/next.rst
@@ -4,6 +4,13 @@ What's new in the next release of Tornado
  In progress
  -----------
  
+Backwards-incompatible changes
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+* Support for secure cookies written by pre-1.0 releases of Tornado has
+  been removed.  The `RequestHandler.get_secure_cookie` method no longer
+  takes an ``include_name`` parameter.
+
  New features
  ~~~~~~~~~~~~
author	Ben Darnell <ben@bendarnell.com>
	Mon, 27 Jun 2011 01:32:41 +0000 (18:32 -0700)
committer	Ben Darnell <ben@bendarnell.com>
	Mon, 27 Jun 2011 01:32:41 +0000 (18:32 -0700)
tornado/web.py		patch \| blob \| blame \| history
website/sphinx/releases/next.rst		patch \| blob \| blame \| history