#1638033: add support for httponly on Cookie.Morsel
authorBenjamin Peterson <benjamin@python.org>
Sat, 6 Sep 2008 19:28:11 +0000 (19:28 +0000)
committerBenjamin Peterson <benjamin@python.org>
Sat, 6 Sep 2008 19:28:11 +0000 (19:28 +0000)
Reviewer: Benjamin

Doc/library/cookie.rst
Lib/Cookie.py
Misc/ACKS
Misc/NEWS

index 346da5a1fd921eb8a5155db41f5b3dffeaf331ca..b6a85f5dffd7711dd837de6718c91264e5b28a39 100644 (file)
@@ -148,7 +148,7 @@ Morsel Objects
 --------------
 
 
-.. class:: Morsel()
+.. class:: Morsel
 
    Abstract a key/value pair, which has some :rfc:`2109` attributes.
 
@@ -162,9 +162,17 @@ Morsel Objects
    * ``max-age``
    * ``secure``
    * ``version``
+   * ``httponly``
+
+   The attribute :attr:`httponly` specifies that the cookie is only transfered
+   in HTTP requests, and is not accessible through JavaScript. This is intended
+   to mitigate some forms of cross-site scripting.
 
    The keys are case-insensitive.
 
+   .. versionadded:: 2.6
+      The :attr:`httponly` attribute was added.
+
 
 .. attribute:: Morsel.value
 
index e1eb7348bc693daf77010c56252052e8bb324f12..b2f7427aa94f734ab2a34285917fb11eb0b2c4fc 100644 (file)
@@ -408,6 +408,9 @@ class Morsel(dict):
     # For historical reasons, these attributes are also reserved:
     #   expires
     #
+    # This is an extension from Microsoft:
+    #   httponly
+    #
     # This dictionary provides a mapping from the lowercase
     # variant on the left to the appropriate traditional
     # formatting on the right.
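Review bot: The added comment gives the origin of `httponly` but not what a caller needs to know: unlike most reserved keys it is written as a bare flag with no `=value` part, as the `K == "httponly"` branch added later in this commit shows. I would word it as `# This is an extension from Microsoft; like secure it is output as a bare flag:`. The class body continues outside this hunk.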
@@ -417,6 +420,7 @@ class Morsel(dict):
                    "domain"      : "Domain",
                    "max-age" : "Max-Age",
                    "secure"      : "secure",
+                   "httponly"  : "httponly",
                    "version" : "Version",
                    }
 
@@ -499,6 +503,8 @@ class Morsel(dict):
                 RA("%s=%d" % (self._reserved[K], V))
             elif K == "secure":
                 RA(str(self._reserved[K]))
+            elif K == "httponly":
+                RA(str(self._reserved[K]))
             else:
                 RA("%s=%s" % (self._reserved[K], V))
 
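Review bot: The new `httponly` branch is a copy of the `secure` branch above it and, like it, never looks at `V`, so the flag is written for any value that reaches this point. Folding the two into `elif K in ("secure", "httponly"):` removes the duplication. Whether `morsel["httponly"] = False` suppresses the attribute depends on filtering earlier in the loop, which lies outside this hunk along with the start and end of the method. If that filter skips only empty strings, a falsy value would still emit the flag, and the documentation should say so. The commit's file list shows no test file, so a test asserting that the output contains `httponly` when the key is set and omits it when unset would pin the behaviour.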
index d231ece6a41e84f3128dfdbe6f002b4b6c43ceb4..ac8f6edd434914e54c61f36bccdff205d0ca4ec9 100644 (file)
--- a/Misc/ACKS
+++ b/Misc/ACKS
@@ -122,6 +122,7 @@ Nicolas Chauvat
 Michael Chermside
 Albert Chin-A-Young
 Adal Chiriliuc
+Matt Chisholm
 Tom Christiansen
 Vadim Chugunov
 David Cinege
index d06bfebd1dbaac6f181281a9ed750e63e99c3313..85adaeb06e3fd792dea579c0f7fd5c181b498d5b 100644 (file)
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -56,6 +56,8 @@ C-API
 Library
 -------
 
+- Issue #1638033: Cookie.Morsel gained the httponly attribute.
+
 - Issue #3535: zipfile couldn't read some zip files larger than 2GB.
 
 - Issue #3776: Deprecate the bsddb package for removal in 3.0.