Commit | Line | Data |
---|---|---|
920dae64 AT |
1 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
2 | <html> | |
3 | <head> | |
4 | <link rel="STYLESHEET" href="lib.css" type='text/css' /> | |
5 | <link rel="SHORTCUT ICON" href="../icons/pyfav.png" type="image/png" /> | |
6 | <link rel='start' href='../index.html' title='Python Documentation Index' /> | |
7 | <link rel="first" href="lib.html" title='Python Library Reference' /> | |
8 | <link rel='contents' href='contents.html' title="Contents" /> | |
9 | <link rel='index' href='genindex.html' title='Index' /> | |
10 | <link rel='last' href='about.html' title='About this document...' /> | |
11 | <link rel='help' href='about.html' title='About this document...' /> | |
12 | <link rel="next" href="cookie-jar-objects.html" /> | |
13 | <link rel="prev" href="cookie-policy-objects.html" /> | |
14 | <link rel="parent" href="module-cookielib.html" /> | |
15 | <link rel="next" href="cookie-jar-objects.html" /> | |
16 | <meta name='aesop' content='information' /> | |
17 | <title>11.20.4 DefaultCookiePolicy Objects </title> | |
18 | </head> | |
19 | <body> | |
20 | <DIV CLASS="navigation"> | |
21 | <div id='top-navigation-panel' xml:id='top-navigation-panel'> | |
22 | <table align="center" width="100%" cellpadding="0" cellspacing="2"> | |
23 | <tr> | |
24 | <td class='online-navigation'><a rel="prev" title="11.20.3 CookiePolicy Objects" | |
25 | href="cookie-policy-objects.html"><img src='../icons/previous.png' | |
26 | border='0' height='32' alt='Previous Page' width='32' /></A></td> | |
27 | <td class='online-navigation'><a rel="parent" title="11.20 cookielib " | |
28 | href="module-cookielib.html"><img src='../icons/up.png' | |
29 | border='0' height='32' alt='Up One Level' width='32' /></A></td> | |
30 | <td class='online-navigation'><a rel="next" title="11.20.5 Cookie Objects" | |
31 | href="cookie-jar-objects.html"><img src='../icons/next.png' | |
32 | border='0' height='32' alt='Next Page' width='32' /></A></td> | |
33 | <td align="center" width="100%">Python Library Reference</td> | |
34 | <td class='online-navigation'><a rel="contents" title="Table of Contents" | |
35 | href="contents.html"><img src='../icons/contents.png' | |
36 | border='0' height='32' alt='Contents' width='32' /></A></td> | |
37 | <td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png' | |
38 | border='0' height='32' alt='Module Index' width='32' /></a></td> | |
39 | <td class='online-navigation'><a rel="index" title="Index" | |
40 | href="genindex.html"><img src='../icons/index.png' | |
41 | border='0' height='32' alt='Index' width='32' /></A></td> | |
42 | </tr></table> | |
43 | <div class='online-navigation'> | |
44 | <b class="navlabel">Previous:</b> | |
45 | <a class="sectref" rel="prev" href="cookie-policy-objects.html">11.20.3 CookiePolicy Objects</A> | |
46 | <b class="navlabel">Up:</b> | |
47 | <a class="sectref" rel="parent" href="module-cookielib.html">11.20 cookielib </A> | |
48 | <b class="navlabel">Next:</b> | |
49 | <a class="sectref" rel="next" href="cookie-jar-objects.html">11.20.5 Cookie Objects</A> | |
50 | </div> | |
51 | <hr /></div> | |
52 | </DIV> | |
53 | <!--End of Navigation Panel--> | |
54 | ||
55 | <H2><A NAME="SECTION00132040000000000000000"></A><A NAME="default-cookie-policy-objects"></A> | |
56 | <BR> | |
57 | 11.20.4 DefaultCookiePolicy Objects | |
58 | </H2> | |
59 | ||
60 | <P> | |
61 | Implements the standard rules for accepting and returning cookies. | |
62 | ||
63 | <P> | |
64 | Both RFC 2965 and Netscape cookies are covered. RFC 2965 handling is | |
65 | switched off by default. | |
66 | ||
67 | <P> | |
68 | The easiest way to provide your own policy is to override this class | |
69 | and call its methods in your overridden implementations before adding | |
70 | your own additional checks: | |
71 | ||
72 | <P> | |
73 | <div class="verbatim"><pre> | |
74 | import cookielib | |
75 | class MyCookiePolicy(cookielib.DefaultCookiePolicy): | |
76 | def set_ok(self, cookie, request): | |
77 | if not cookielib.DefaultCookiePolicy.set_ok(self, cookie, request): | |
78 | return False | |
79 | if i_dont_want_to_store_this_cookie(cookie): | |
80 | return False | |
81 | return True | |
82 | </pre></div> | |
83 | ||
84 | <P> | |
85 | In addition to the features required to implement the | |
86 | <tt class="class">CookiePolicy</tt> interface, this class allows you to block and | |
87 | allow domains from setting and receiving cookies. There are also some | |
88 | strictness switches that allow you to tighten up the rather loose | |
89 | Netscape protocol rules a little bit (at the cost of blocking some | |
90 | benign cookies). | |
91 | ||
92 | <P> | |
93 | A domain blacklist and whitelist is provided (both off by default). | |
94 | Only domains not in the blacklist and present in the whitelist (if the | |
95 | whitelist is active) participate in cookie setting and returning. Use | |
96 | the <var>blocked_domains</var> constructor argument, and | |
97 | <tt class="method">blocked_domains()</tt> and <tt class="method">set_blocked_domains()</tt> methods | |
98 | (and the corresponding argument and methods for | |
99 | <var>allowed_domains</var>). If you set a whitelist, you can turn it off | |
100 | again by setting it to <tt class="constant">None</tt>. | |
101 | ||
102 | <P> | |
103 | Domains in block or allow lists that do not start with a dot must | |
104 | equal the cookie domain to be matched. For example, | |
105 | <code>"example.com"</code> matches a blacklist entry of | |
106 | <code>"example.com"</code>, but <code>"www.example.com"</code> does not. Domains | |
107 | that do start with a dot are matched by more specific domains too. | |
108 | For example, both <code>"www.example.com"</code> and | |
109 | <code>"www.coyote.example.com"</code> match <code>".example.com"</code> (but | |
110 | <code>"example.com"</code> itself does not). IP addresses are an exception, | |
111 | and must match exactly. For example, if blocked_domains contains | |
112 | <code>"192.168.1.2"</code> and <code>".168.1.2"</code>, 192.168.1.2 is blocked, | |
113 | but 193.168.1.2 is not. | |
114 | ||
115 | <P> | |
116 | <tt class="class">DefaultCookiePolicy</tt> implements the following additional | |
117 | methods: | |
118 | ||
119 | <P> | |
120 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> | |
121 | <td><nobr><b><tt id='l2h-3643' xml:id='l2h-3643' class="method">blocked_domains</tt></b>(</nobr></td> | |
122 | <td><var></var>)</td></tr></table></dt> | |
123 | <dd> | |
124 | Return the sequence of blocked domains (as a tuple). | |
125 | </dl> | |
126 | ||
127 | <P> | |
128 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> | |
129 | <td><nobr><b><tt id='l2h-3644' xml:id='l2h-3644' class="method">set_blocked_domains</tt></b>(</nobr></td> | |
130 | <td><var>blocked_domains</var>)</td></tr></table></dt> | |
131 | <dd> | |
132 | Set the sequence of blocked domains. | |
133 | </dl> | |
134 | ||
135 | <P> | |
136 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> | |
137 | <td><nobr><b><tt id='l2h-3645' xml:id='l2h-3645' class="method">is_blocked</tt></b>(</nobr></td> | |
138 | <td><var>domain</var>)</td></tr></table></dt> | |
139 | <dd> | |
140 | Return whether <var>domain</var> is on the blacklist for setting or | |
141 | receiving cookies. | |
142 | </dl> | |
143 | ||
144 | <P> | |
145 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> | |
146 | <td><nobr><b><tt id='l2h-3646' xml:id='l2h-3646' class="method">allowed_domains</tt></b>(</nobr></td> | |
147 | <td><var></var>)</td></tr></table></dt> | |
148 | <dd> | |
149 | Return <tt class="constant">None</tt>, or the sequence of allowed domains (as a tuple). | |
150 | </dl> | |
151 | ||
152 | <P> | |
153 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> | |
154 | <td><nobr><b><tt id='l2h-3647' xml:id='l2h-3647' class="method">set_allowed_domains</tt></b>(</nobr></td> | |
155 | <td><var>allowed_domains</var>)</td></tr></table></dt> | |
156 | <dd> | |
157 | Set the sequence of allowed domains, or <tt class="constant">None</tt>. | |
158 | </dl> | |
159 | ||
160 | <P> | |
161 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> | |
162 | <td><nobr><b><tt id='l2h-3648' xml:id='l2h-3648' class="method">is_not_allowed</tt></b>(</nobr></td> | |
163 | <td><var>domain</var>)</td></tr></table></dt> | |
164 | <dd> | |
165 | Return whether <var>domain</var> is not on the whitelist for setting or | |
166 | receiving cookies. | |
167 | </dl> | |
168 | ||
169 | <P> | |
170 | <tt class="class">DefaultCookiePolicy</tt> instances have the following attributes, | |
171 | which are all initialised from the constructor arguments of the same | |
172 | name, and which may all be assigned to. | |
173 | ||
174 | <P> | |
175 | General strictness switches: | |
176 | ||
177 | <P> | |
178 | <dl><dt><b><tt id='l2h-3649' xml:id='l2h-3649' class="member">strict_domain</tt></b></dt> | |
179 | <dd> | |
180 | Don't allow sites to set two-component domains with country-code | |
181 | top-level domains like <code>.co.uk</code>, <code>.gov.uk</code>, | |
182 | <code>.co.nz</code>.etc. This is far from perfect and isn't guaranteed to | |
183 | work! | |
184 | </dl> | |
185 | ||
186 | <P> | |
187 | RFC 2965 protocol strictness switches: | |
188 | ||
189 | <P> | |
190 | <dl><dt><b><tt id='l2h-3650' xml:id='l2h-3650' class="member">strict_rfc2965_unverifiable</tt></b></dt> | |
191 | <dd> | |
192 | Follow RFC 2965 rules on unverifiable transactions (usually, an | |
193 | unverifiable transaction is one resulting from a redirect or a request | |
194 | for an image hosted on another site). If this is false, cookies are | |
195 | <em>never</em> blocked on the basis of verifiability | |
196 | </dl> | |
197 | ||
198 | <P> | |
199 | Netscape protocol strictness switches: | |
200 | ||
201 | <P> | |
202 | <dl><dt><b><tt id='l2h-3651' xml:id='l2h-3651' class="member">strict_ns_unverifiable</tt></b></dt> | |
203 | <dd> | |
204 | apply RFC 2965 rules on unverifiable transactions even to Netscape | |
205 | cookies | |
206 | </dl> | |
207 | <dl><dt><b><tt id='l2h-3652' xml:id='l2h-3652' class="member">strict_ns_domain</tt></b></dt> | |
208 | <dd> | |
209 | Flags indicating how strict to be with domain-matching rules for | |
210 | Netscape cookies. See below for acceptable values. | |
211 | </dl> | |
212 | <dl><dt><b><tt id='l2h-3653' xml:id='l2h-3653' class="member">strict_ns_set_initial_dollar</tt></b></dt> | |
213 | <dd> | |
214 | Ignore cookies in Set-Cookie: headers that have names starting with | |
215 | <code>'$'</code>. | |
216 | </dl> | |
217 | <dl><dt><b><tt id='l2h-3654' xml:id='l2h-3654' class="member">strict_ns_set_path</tt></b></dt> | |
218 | <dd> | |
219 | Don't allow setting cookies whose path doesn't path-match request URI. | |
220 | </dl> | |
221 | ||
222 | <P> | |
223 | <tt class="member">strict_ns_domain</tt> is a collection of flags. Its value is | |
224 | constructed by or-ing together (for example, | |
225 | <code>DomainStrictNoDots|DomainStrictNonDomain</code> means both flags are | |
226 | set). | |
227 | ||
228 | <P> | |
229 | <dl><dt><b><tt id='l2h-3655' xml:id='l2h-3655' class="member">DomainStrictNoDots</tt></b></dt> | |
230 | <dd> | |
231 | When setting cookies, the 'host prefix' must not contain a dot | |
232 | (eg. <code>www.foo.bar.com</code> can't set a cookie for <code>.bar.com</code>, | |
233 | because <code>www.foo</code> contains a dot). | |
234 | </dl> | |
235 | <dl><dt><b><tt id='l2h-3656' xml:id='l2h-3656' class="member">DomainStrictNonDomain</tt></b></dt> | |
236 | <dd> | |
237 | Cookies that did not explicitly specify a <code>domain</code> | |
238 | cookie-attribute can only be returned to a domain equal to the domain | |
239 | that set the cookie (eg. <code>spam.example.com</code> won't be returned | |
240 | cookies from <code>example.com</code> that had no <code>domain</code> | |
241 | cookie-attribute). | |
242 | </dl> | |
243 | <dl><dt><b><tt id='l2h-3657' xml:id='l2h-3657' class="member">DomainRFC2965Match</tt></b></dt> | |
244 | <dd> | |
245 | When setting cookies, require a full RFC 2965 domain-match. | |
246 | </dl> | |
247 | ||
248 | <P> | |
249 | The following attributes are provided for convenience, and are the | |
250 | most useful combinations of the above flags: | |
251 | ||
252 | <P> | |
253 | <dl><dt><b><tt id='l2h-3658' xml:id='l2h-3658' class="member">DomainLiberal</tt></b></dt> | |
254 | <dd> | |
255 | Equivalent to 0 (ie. all of the above Netscape domain strictness flags | |
256 | switched off). | |
257 | </dl> | |
258 | <dl><dt><b><tt id='l2h-3659' xml:id='l2h-3659' class="member">DomainStrict</tt></b></dt> | |
259 | <dd> | |
260 | Equivalent to <code>DomainStrictNoDots|DomainStrictNonDomain</code>. | |
261 | </dl> | |
262 | ||
263 | <P> | |
264 | ||
265 | <DIV CLASS="navigation"> | |
266 | <div class='online-navigation'> | |
267 | <p></p><hr /> | |
268 | <table align="center" width="100%" cellpadding="0" cellspacing="2"> | |
269 | <tr> | |
270 | <td class='online-navigation'><a rel="prev" title="11.20.3 CookiePolicy Objects" | |
271 | href="cookie-policy-objects.html"><img src='../icons/previous.png' | |
272 | border='0' height='32' alt='Previous Page' width='32' /></A></td> | |
273 | <td class='online-navigation'><a rel="parent" title="11.20 cookielib " | |
274 | href="module-cookielib.html"><img src='../icons/up.png' | |
275 | border='0' height='32' alt='Up One Level' width='32' /></A></td> | |
276 | <td class='online-navigation'><a rel="next" title="11.20.5 Cookie Objects" | |
277 | href="cookie-jar-objects.html"><img src='../icons/next.png' | |
278 | border='0' height='32' alt='Next Page' width='32' /></A></td> | |
279 | <td align="center" width="100%">Python Library Reference</td> | |
280 | <td class='online-navigation'><a rel="contents" title="Table of Contents" | |
281 | href="contents.html"><img src='../icons/contents.png' | |
282 | border='0' height='32' alt='Contents' width='32' /></A></td> | |
283 | <td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png' | |
284 | border='0' height='32' alt='Module Index' width='32' /></a></td> | |
285 | <td class='online-navigation'><a rel="index" title="Index" | |
286 | href="genindex.html"><img src='../icons/index.png' | |
287 | border='0' height='32' alt='Index' width='32' /></A></td> | |
288 | </tr></table> | |
289 | <div class='online-navigation'> | |
290 | <b class="navlabel">Previous:</b> | |
291 | <a class="sectref" rel="prev" href="cookie-policy-objects.html">11.20.3 CookiePolicy Objects</A> | |
292 | <b class="navlabel">Up:</b> | |
293 | <a class="sectref" rel="parent" href="module-cookielib.html">11.20 cookielib </A> | |
294 | <b class="navlabel">Next:</b> | |
295 | <a class="sectref" rel="next" href="cookie-jar-objects.html">11.20.5 Cookie Objects</A> | |
296 | </div> | |
297 | </div> | |
298 | <hr /> | |
299 | <span class="release-info">Release 2.4.2, documentation updated on 28 September 2005.</span> | |
300 | </DIV> | |
301 | <!--End of Navigation Panel--> | |
302 | <ADDRESS> | |
303 | See <i><a href="about.html">About this document...</a></i> for information on suggesting changes. | |
304 | </ADDRESS> | |
305 | </BODY> | |
306 | </HTML> |