Skip falsy values for SimpleCookie flags

author Craig Campbell <craig@vimeo.com>

Tue, 3 Feb 2015 21:05:01 +0000 (16:05 -0500)

committer Craig Campbell <craig@vimeo.com>

Tue, 3 Feb 2015 21:05:01 +0000 (16:05 -0500)
author Craig Campbell <craig@vimeo.com>
Tue, 3 Feb 2015 21:05:01 +0000 (16:05 -0500)
committer Craig Campbell <craig@vimeo.com>
Tue, 3 Feb 2015 21:05:01 +0000 (16:05 -0500)
diff --git a/tornado/web.py b/tornado/web.py

index 52bfce3663f8d1c585e25cff67c3aafd5f9114ab..f6cb99429a8efd1c8ddc6f737401ea29df6c1708 100644 (file)
--- a/tornado/web.py
+++ b/tornado/web.py
@@ -524,6 +524,12 @@ class RequestHandler(object):
          for k, v in kwargs.items():
              if k == 'max_age':
                  k = 'max-age'
+
+            # skip falsy values for httponly and secure flags because
+            # SimpleCookie sets them regardless
+            if k in ['httponly', 'secure'] and not v:
+                continue
+
              morsel[k] = v
  
      def clear_cookie(self, name, path="/", domain=None):
author	Craig Campbell <craig@vimeo.com>
	Tue, 3 Feb 2015 21:05:01 +0000 (16:05 -0500)
committer	Craig Campbell <craig@vimeo.com>
	Tue, 3 Feb 2015 21:05:01 +0000 (16:05 -0500)