[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [ooni-probe/master] Revert "Revert "ui/web/server.py: pass binary, not unicode cookies""
commit 897041c08eb6a54e8b181781718412d1500e9800
Author: Simone Basso <bassosimone@xxxxxxxxx>
Date: Mon Sep 19 12:12:42 2016 +0200
Revert "Revert "ui/web/server.py: pass binary, not unicode cookies""
This reverts commit baee35fe51e70547e6128885ee0a97e1937d95d0 because
apparently the error was on a unrelated code path.
---
ooni/ui/web/server.py | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/ooni/ui/web/server.py b/ooni/ui/web/server.py
index eec82d3..385bf18 100644
--- a/ooni/ui/web/server.py
+++ b/ooni/ui/web/server.py
@@ -56,13 +56,13 @@ def xsrf_protect(check=True):
@wraps(f)
def wrapper(instance, request, *a, **kw):
should_check = check and instance._enable_xsrf_protection
- token_cookie = request.getCookie(u'XSRF-TOKEN')
+ token_cookie = request.getCookie(b'XSRF-TOKEN')
token_header = request.getHeader(b"X-XSRF-TOKEN")
if (token_cookie != instance._xsrf_token and
instance._enable_xsrf_protection):
- request.addCookie(u'XSRF-TOKEN',
+ request.addCookie(b'XSRF-TOKEN',
instance._xsrf_token,
- path=u'/')
+ path=b'/')
if should_check and token_cookie != token_header:
raise WebUIError(404, "Invalid XSRF token")
return f(instance, request, *a, **kw)
@@ -161,7 +161,7 @@ class WebUIAPI(object):
# We use a double submit token to protect against XSRF
rng = SystemRandom()
token_space = string.letters+string.digits
- self._xsrf_token = ''.join([rng.choice(token_space)
+ self._xsrf_token = b''.join([rng.choice(token_space)
for _ in range(30)])
self._director_started = False
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits