[tor-commits] [ooni-probe/master] ui/web/server.py: pass binary, not unicode cookies
art at torproject.org
art at torproject.org
Mon Sep 19 12:14:25 UTC 2016
commit 21548e9f0f53100336ef4f22d423f5f728a117e5
Author: Simone Basso <bassosimone at gmail.com>
Date: Mon Sep 19 11:04:53 2016 +0200
ui/web/server.py: pass binary, not unicode cookies
It seems that Twisted has added a function enforcing binary
data (not unicode, or str) when sending to the network.
Thus, make sure that we pass cookies as binary (more specifically
ascii encoded data) to avoid a Twisted error.
---
ooni/ui/web/server.py | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/ooni/ui/web/server.py b/ooni/ui/web/server.py
index eec82d3..385bf18 100644
--- a/ooni/ui/web/server.py
+++ b/ooni/ui/web/server.py
@@ -56,13 +56,13 @@ def xsrf_protect(check=True):
@wraps(f)
def wrapper(instance, request, *a, **kw):
should_check = check and instance._enable_xsrf_protection
- token_cookie = request.getCookie(u'XSRF-TOKEN')
+ token_cookie = request.getCookie(b'XSRF-TOKEN')
token_header = request.getHeader(b"X-XSRF-TOKEN")
if (token_cookie != instance._xsrf_token and
instance._enable_xsrf_protection):
- request.addCookie(u'XSRF-TOKEN',
+ request.addCookie(b'XSRF-TOKEN',
instance._xsrf_token,
- path=u'/')
+ path=b'/')
if should_check and token_cookie != token_header:
raise WebUIError(404, "Invalid XSRF token")
return f(instance, request, *a, **kw)
@@ -161,7 +161,7 @@ class WebUIAPI(object):
# We use a double submit token to protect against XSRF
rng = SystemRandom()
token_space = string.letters+string.digits
- self._xsrf_token = ''.join([rng.choice(token_space)
+ self._xsrf_token = b''.join([rng.choice(token_space)
for _ in range(30)])
self._director_started = False
More information about the tor-commits
mailing list