Closed neramusis closed 3 years ago
Technically the format is not wrong -- it is 100% RFC compliant. Your servers are not 100% compliant. The client behavior could be fixed anyway, PR is welcome.
See also #2544 / #2545 discussion
Also having this issue. The cookie I have to send to the backend service may look something like this:
asdf+somestring/anotherstring=
Tested that it worked in both requests
and httpx
, so took a while to figure out why.
EDIT: Hmm, maybe not. I tried the echo service: EDIT2: No, this is the exact behaviour I see.
httpx
and requests
cookies look like this when printing request.headers
in a Django
middleware:
# httpx
{... 'Cookie': 'My-Cookie=asdf+somestring/anotherstring='}
while aiohttp
looks like this:
# aiohttp
{... 'Cookie': 'My-Cookie="asdf+somestring/anotherstring="'}
@asvetlov , I was gonna try to raise a PR, but being the first time using aiohttp
today - the library is a bit massive, and I'm not able to figure out where the qoutes are actually injected. It seems that BaseCookie
is how, but even if I overwrite the current SimpleCookie
and it's value_decode
/value_encode
methods, it makes no difference when it comes to whether or not the cookie is quoted or not.
Any tips on how to solve this?
@JonasKs try checking https://github.com/aio-libs/aiohttp/blob/master/aiohttp/cookiejar.py
@webknjaz I was looking there, and the message above is for this line of code, where the Morsel of SimpleCookie
is created, which inherits from BaseCookie
. It’s to my knowledge in BaseCookie
the convention is done, but I wasn’t able to find exactly where, or atleast how to properly change the flow.
Have you tried sticking a debugger there? To be it looks like a rendering issue. As if something does the interpolation using repr()
. Like f'{name}: {key}={value!r}'
.
FWIW try looking into how it gets into the headers.
It only happens when special characters (such as white space or slash) is in the string. I’ll have another look when I get back from vacation. Thanks!
Submitted a PR.
Looks like it is closed by #4881
While sending cookie with special symbols or spaces, aiohttp adds unnecessary quotes around cookie value.
This only occurs when cookies are added to session manually.
ClientSession(cookies={..})
or when updating existing session.Example what cookie should look like:
Example when unnecessary quotes are added:
This creates problem for server side to read cookies correctly.