| 1 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
| 2 | <html> |
| 3 | <head> |
| 4 | <link rel="STYLESHEET" href="lib.css" type='text/css' /> |
| 5 | <link rel="SHORTCUT ICON" href="../icons/pyfav.png" type="image/png" /> |
| 6 | <link rel='start' href='../index.html' title='Python Documentation Index' /> |
| 7 | <link rel="first" href="lib.html" title='Python Library Reference' /> |
| 8 | <link rel='contents' href='contents.html' title="Contents" /> |
| 9 | <link rel='index' href='genindex.html' title='Index' /> |
| 10 | <link rel='last' href='about.html' title='About this document...' /> |
| 11 | <link rel='help' href='about.html' title='About this document...' /> |
| 12 | <link rel="next" href="cookie-jar-objects.html" /> |
| 13 | <link rel="prev" href="cookie-policy-objects.html" /> |
| 14 | <link rel="parent" href="module-cookielib.html" /> |
| 15 | <link rel="next" href="cookie-jar-objects.html" /> |
| 16 | <meta name='aesop' content='information' /> |
| 17 | <title>11.20.4 DefaultCookiePolicy Objects </title> |
| 18 | </head> |
| 19 | <body> |
| 20 | <DIV CLASS="navigation"> |
| 21 | <div id='top-navigation-panel' xml:id='top-navigation-panel'> |
| 22 | <table align="center" width="100%" cellpadding="0" cellspacing="2"> |
| 23 | <tr> |
| 24 | <td class='online-navigation'><a rel="prev" title="11.20.3 CookiePolicy Objects" |
| 25 | href="cookie-policy-objects.html"><img src='../icons/previous.png' |
| 26 | border='0' height='32' alt='Previous Page' width='32' /></A></td> |
| 27 | <td class='online-navigation'><a rel="parent" title="11.20 cookielib " |
| 28 | href="module-cookielib.html"><img src='../icons/up.png' |
| 29 | border='0' height='32' alt='Up One Level' width='32' /></A></td> |
| 30 | <td class='online-navigation'><a rel="next" title="11.20.5 Cookie Objects" |
| 31 | href="cookie-jar-objects.html"><img src='../icons/next.png' |
| 32 | border='0' height='32' alt='Next Page' width='32' /></A></td> |
| 33 | <td align="center" width="100%">Python Library Reference</td> |
| 34 | <td class='online-navigation'><a rel="contents" title="Table of Contents" |
| 35 | href="contents.html"><img src='../icons/contents.png' |
| 36 | border='0' height='32' alt='Contents' width='32' /></A></td> |
| 37 | <td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png' |
| 38 | border='0' height='32' alt='Module Index' width='32' /></a></td> |
| 39 | <td class='online-navigation'><a rel="index" title="Index" |
| 40 | href="genindex.html"><img src='../icons/index.png' |
| 41 | border='0' height='32' alt='Index' width='32' /></A></td> |
| 42 | </tr></table> |
| 43 | <div class='online-navigation'> |
| 44 | <b class="navlabel">Previous:</b> |
| 45 | <a class="sectref" rel="prev" href="cookie-policy-objects.html">11.20.3 CookiePolicy Objects</A> |
| 46 | <b class="navlabel">Up:</b> |
| 47 | <a class="sectref" rel="parent" href="module-cookielib.html">11.20 cookielib </A> |
| 48 | <b class="navlabel">Next:</b> |
| 49 | <a class="sectref" rel="next" href="cookie-jar-objects.html">11.20.5 Cookie Objects</A> |
| 50 | </div> |
| 51 | <hr /></div> |
| 52 | </DIV> |
| 53 | <!--End of Navigation Panel--> |
| 54 | |
| 55 | <H2><A NAME="SECTION00132040000000000000000"></A><A NAME="default-cookie-policy-objects"></A> |
| 56 | <BR> |
| 57 | 11.20.4 DefaultCookiePolicy Objects |
| 58 | </H2> |
| 59 | |
| 60 | <P> |
| 61 | Implements the standard rules for accepting and returning cookies. |
| 62 | |
| 63 | <P> |
| 64 | Both RFC 2965 and Netscape cookies are covered. RFC 2965 handling is |
| 65 | switched off by default. |
| 66 | |
| 67 | <P> |
| 68 | The easiest way to provide your own policy is to override this class |
| 69 | and call its methods in your overridden implementations before adding |
| 70 | your own additional checks: |
| 71 | |
| 72 | <P> |
| 73 | <div class="verbatim"><pre> |
| 74 | import cookielib |
| 75 | class MyCookiePolicy(cookielib.DefaultCookiePolicy): |
| 76 | def set_ok(self, cookie, request): |
| 77 | if not cookielib.DefaultCookiePolicy.set_ok(self, cookie, request): |
| 78 | return False |
| 79 | if i_dont_want_to_store_this_cookie(cookie): |
| 80 | return False |
| 81 | return True |
| 82 | </pre></div> |
| 83 | |
| 84 | <P> |
| 85 | In addition to the features required to implement the |
| 86 | <tt class="class">CookiePolicy</tt> interface, this class allows you to block and |
| 87 | allow domains from setting and receiving cookies. There are also some |
| 88 | strictness switches that allow you to tighten up the rather loose |
| 89 | Netscape protocol rules a little bit (at the cost of blocking some |
| 90 | benign cookies). |
| 91 | |
| 92 | <P> |
| 93 | A domain blacklist and whitelist is provided (both off by default). |
| 94 | Only domains not in the blacklist and present in the whitelist (if the |
| 95 | whitelist is active) participate in cookie setting and returning. Use |
| 96 | the <var>blocked_domains</var> constructor argument, and |
| 97 | <tt class="method">blocked_domains()</tt> and <tt class="method">set_blocked_domains()</tt> methods |
| 98 | (and the corresponding argument and methods for |
| 99 | <var>allowed_domains</var>). If you set a whitelist, you can turn it off |
| 100 | again by setting it to <tt class="constant">None</tt>. |
| 101 | |
| 102 | <P> |
| 103 | Domains in block or allow lists that do not start with a dot must |
| 104 | equal the cookie domain to be matched. For example, |
| 105 | <code>"example.com"</code> matches a blacklist entry of |
| 106 | <code>"example.com"</code>, but <code>"www.example.com"</code> does not. Domains |
| 107 | that do start with a dot are matched by more specific domains too. |
| 108 | For example, both <code>"www.example.com"</code> and |
| 109 | <code>"www.coyote.example.com"</code> match <code>".example.com"</code> (but |
| 110 | <code>"example.com"</code> itself does not). IP addresses are an exception, |
| 111 | and must match exactly. For example, if blocked_domains contains |
| 112 | <code>"192.168.1.2"</code> and <code>".168.1.2"</code>, 192.168.1.2 is blocked, |
| 113 | but 193.168.1.2 is not. |
| 114 | |
| 115 | <P> |
| 116 | <tt class="class">DefaultCookiePolicy</tt> implements the following additional |
| 117 | methods: |
| 118 | |
| 119 | <P> |
| 120 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> |
| 121 | <td><nobr><b><tt id='l2h-3643' xml:id='l2h-3643' class="method">blocked_domains</tt></b>(</nobr></td> |
| 122 | <td><var></var>)</td></tr></table></dt> |
| 123 | <dd> |
| 124 | Return the sequence of blocked domains (as a tuple). |
| 125 | </dl> |
| 126 | |
| 127 | <P> |
| 128 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> |
| 129 | <td><nobr><b><tt id='l2h-3644' xml:id='l2h-3644' class="method">set_blocked_domains</tt></b>(</nobr></td> |
| 130 | <td><var>blocked_domains</var>)</td></tr></table></dt> |
| 131 | <dd> |
| 132 | Set the sequence of blocked domains. |
| 133 | </dl> |
| 134 | |
| 135 | <P> |
| 136 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> |
| 137 | <td><nobr><b><tt id='l2h-3645' xml:id='l2h-3645' class="method">is_blocked</tt></b>(</nobr></td> |
| 138 | <td><var>domain</var>)</td></tr></table></dt> |
| 139 | <dd> |
| 140 | Return whether <var>domain</var> is on the blacklist for setting or |
| 141 | receiving cookies. |
| 142 | </dl> |
| 143 | |
| 144 | <P> |
| 145 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> |
| 146 | <td><nobr><b><tt id='l2h-3646' xml:id='l2h-3646' class="method">allowed_domains</tt></b>(</nobr></td> |
| 147 | <td><var></var>)</td></tr></table></dt> |
| 148 | <dd> |
| 149 | Return <tt class="constant">None</tt>, or the sequence of allowed domains (as a tuple). |
| 150 | </dl> |
| 151 | |
| 152 | <P> |
| 153 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> |
| 154 | <td><nobr><b><tt id='l2h-3647' xml:id='l2h-3647' class="method">set_allowed_domains</tt></b>(</nobr></td> |
| 155 | <td><var>allowed_domains</var>)</td></tr></table></dt> |
| 156 | <dd> |
| 157 | Set the sequence of allowed domains, or <tt class="constant">None</tt>. |
| 158 | </dl> |
| 159 | |
| 160 | <P> |
| 161 | <dl><dt><table cellpadding="0" cellspacing="0"><tr valign="baseline"> |
| 162 | <td><nobr><b><tt id='l2h-3648' xml:id='l2h-3648' class="method">is_not_allowed</tt></b>(</nobr></td> |
| 163 | <td><var>domain</var>)</td></tr></table></dt> |
| 164 | <dd> |
| 165 | Return whether <var>domain</var> is not on the whitelist for setting or |
| 166 | receiving cookies. |
| 167 | </dl> |
| 168 | |
| 169 | <P> |
| 170 | <tt class="class">DefaultCookiePolicy</tt> instances have the following attributes, |
| 171 | which are all initialised from the constructor arguments of the same |
| 172 | name, and which may all be assigned to. |
| 173 | |
| 174 | <P> |
| 175 | General strictness switches: |
| 176 | |
| 177 | <P> |
| 178 | <dl><dt><b><tt id='l2h-3649' xml:id='l2h-3649' class="member">strict_domain</tt></b></dt> |
| 179 | <dd> |
| 180 | Don't allow sites to set two-component domains with country-code |
| 181 | top-level domains like <code>.co.uk</code>, <code>.gov.uk</code>, |
| 182 | <code>.co.nz</code>.etc. This is far from perfect and isn't guaranteed to |
| 183 | work! |
| 184 | </dl> |
| 185 | |
| 186 | <P> |
| 187 | RFC 2965 protocol strictness switches: |
| 188 | |
| 189 | <P> |
| 190 | <dl><dt><b><tt id='l2h-3650' xml:id='l2h-3650' class="member">strict_rfc2965_unverifiable</tt></b></dt> |
| 191 | <dd> |
| 192 | Follow RFC 2965 rules on unverifiable transactions (usually, an |
| 193 | unverifiable transaction is one resulting from a redirect or a request |
| 194 | for an image hosted on another site). If this is false, cookies are |
| 195 | <em>never</em> blocked on the basis of verifiability |
| 196 | </dl> |
| 197 | |
| 198 | <P> |
| 199 | Netscape protocol strictness switches: |
| 200 | |
| 201 | <P> |
| 202 | <dl><dt><b><tt id='l2h-3651' xml:id='l2h-3651' class="member">strict_ns_unverifiable</tt></b></dt> |
| 203 | <dd> |
| 204 | apply RFC 2965 rules on unverifiable transactions even to Netscape |
| 205 | cookies |
| 206 | </dl> |
| 207 | <dl><dt><b><tt id='l2h-3652' xml:id='l2h-3652' class="member">strict_ns_domain</tt></b></dt> |
| 208 | <dd> |
| 209 | Flags indicating how strict to be with domain-matching rules for |
| 210 | Netscape cookies. See below for acceptable values. |
| 211 | </dl> |
| 212 | <dl><dt><b><tt id='l2h-3653' xml:id='l2h-3653' class="member">strict_ns_set_initial_dollar</tt></b></dt> |
| 213 | <dd> |
| 214 | Ignore cookies in Set-Cookie: headers that have names starting with |
| 215 | <code>'$'</code>. |
| 216 | </dl> |
| 217 | <dl><dt><b><tt id='l2h-3654' xml:id='l2h-3654' class="member">strict_ns_set_path</tt></b></dt> |
| 218 | <dd> |
| 219 | Don't allow setting cookies whose path doesn't path-match request URI. |
| 220 | </dl> |
| 221 | |
| 222 | <P> |
| 223 | <tt class="member">strict_ns_domain</tt> is a collection of flags. Its value is |
| 224 | constructed by or-ing together (for example, |
| 225 | <code>DomainStrictNoDots|DomainStrictNonDomain</code> means both flags are |
| 226 | set). |
| 227 | |
| 228 | <P> |
| 229 | <dl><dt><b><tt id='l2h-3655' xml:id='l2h-3655' class="member">DomainStrictNoDots</tt></b></dt> |
| 230 | <dd> |
| 231 | When setting cookies, the 'host prefix' must not contain a dot |
| 232 | (eg. <code>www.foo.bar.com</code> can't set a cookie for <code>.bar.com</code>, |
| 233 | because <code>www.foo</code> contains a dot). |
| 234 | </dl> |
| 235 | <dl><dt><b><tt id='l2h-3656' xml:id='l2h-3656' class="member">DomainStrictNonDomain</tt></b></dt> |
| 236 | <dd> |
| 237 | Cookies that did not explicitly specify a <code>domain</code> |
| 238 | cookie-attribute can only be returned to a domain equal to the domain |
| 239 | that set the cookie (eg. <code>spam.example.com</code> won't be returned |
| 240 | cookies from <code>example.com</code> that had no <code>domain</code> |
| 241 | cookie-attribute). |
| 242 | </dl> |
| 243 | <dl><dt><b><tt id='l2h-3657' xml:id='l2h-3657' class="member">DomainRFC2965Match</tt></b></dt> |
| 244 | <dd> |
| 245 | When setting cookies, require a full RFC 2965 domain-match. |
| 246 | </dl> |
| 247 | |
| 248 | <P> |
| 249 | The following attributes are provided for convenience, and are the |
| 250 | most useful combinations of the above flags: |
| 251 | |
| 252 | <P> |
| 253 | <dl><dt><b><tt id='l2h-3658' xml:id='l2h-3658' class="member">DomainLiberal</tt></b></dt> |
| 254 | <dd> |
| 255 | Equivalent to 0 (ie. all of the above Netscape domain strictness flags |
| 256 | switched off). |
| 257 | </dl> |
| 258 | <dl><dt><b><tt id='l2h-3659' xml:id='l2h-3659' class="member">DomainStrict</tt></b></dt> |
| 259 | <dd> |
| 260 | Equivalent to <code>DomainStrictNoDots|DomainStrictNonDomain</code>. |
| 261 | </dl> |
| 262 | |
| 263 | <P> |
| 264 | |
| 265 | <DIV CLASS="navigation"> |
| 266 | <div class='online-navigation'> |
| 267 | <p></p><hr /> |
| 268 | <table align="center" width="100%" cellpadding="0" cellspacing="2"> |
| 269 | <tr> |
| 270 | <td class='online-navigation'><a rel="prev" title="11.20.3 CookiePolicy Objects" |
| 271 | href="cookie-policy-objects.html"><img src='../icons/previous.png' |
| 272 | border='0' height='32' alt='Previous Page' width='32' /></A></td> |
| 273 | <td class='online-navigation'><a rel="parent" title="11.20 cookielib " |
| 274 | href="module-cookielib.html"><img src='../icons/up.png' |
| 275 | border='0' height='32' alt='Up One Level' width='32' /></A></td> |
| 276 | <td class='online-navigation'><a rel="next" title="11.20.5 Cookie Objects" |
| 277 | href="cookie-jar-objects.html"><img src='../icons/next.png' |
| 278 | border='0' height='32' alt='Next Page' width='32' /></A></td> |
| 279 | <td align="center" width="100%">Python Library Reference</td> |
| 280 | <td class='online-navigation'><a rel="contents" title="Table of Contents" |
| 281 | href="contents.html"><img src='../icons/contents.png' |
| 282 | border='0' height='32' alt='Contents' width='32' /></A></td> |
| 283 | <td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png' |
| 284 | border='0' height='32' alt='Module Index' width='32' /></a></td> |
| 285 | <td class='online-navigation'><a rel="index" title="Index" |
| 286 | href="genindex.html"><img src='../icons/index.png' |
| 287 | border='0' height='32' alt='Index' width='32' /></A></td> |
| 288 | </tr></table> |
| 289 | <div class='online-navigation'> |
| 290 | <b class="navlabel">Previous:</b> |
| 291 | <a class="sectref" rel="prev" href="cookie-policy-objects.html">11.20.3 CookiePolicy Objects</A> |
| 292 | <b class="navlabel">Up:</b> |
| 293 | <a class="sectref" rel="parent" href="module-cookielib.html">11.20 cookielib </A> |
| 294 | <b class="navlabel">Next:</b> |
| 295 | <a class="sectref" rel="next" href="cookie-jar-objects.html">11.20.5 Cookie Objects</A> |
| 296 | </div> |
| 297 | </div> |
| 298 | <hr /> |
| 299 | <span class="release-info">Release 2.4.2, documentation updated on 28 September 2005.</span> |
| 300 | </DIV> |
| 301 | <!--End of Navigation Panel--> |
| 302 | <ADDRESS> |
| 303 | See <i><a href="about.html">About this document...</a></i> for information on suggesting changes. |
| 304 | </ADDRESS> |
| 305 | </BODY> |
| 306 | </HTML> |