cookie rewrite: remove 'Expires' property before rewriting cookies, as SimpleCookie ingores cookies if expires header doesn't follow strict format,

and expires header removed anyway later tests: update cookie tests to use class, test removal of Expires property
2025-03-15 00:03:28 +01:00 · 2017-11-09 21:05:07 -08:00 · 2017-11-09 21:05:07 -08:00 · da2ae0f373
commit da2ae0f373
parent 41f227d8ae
2 changed files with 40 additions and 33 deletions
--- a/pywb/rewrite/cookie_rewriter.py
+++ b/pywb/rewrite/cookie_rewriter.py
@ -7,14 +7,14 @@ import re
 class WbUrlBaseCookieRewriter(object):
    """ Base Cookie rewriter for wburl-based requests.
    """
-    UTC_RX = re.compile('((?:.*)Expires=(?:.*))UTC', re.I)
+    REMOVE_EXPIRES = re.compile('[;]\s*?expires=.{4}[^,;]+', re.I)

    def __init__(self, url_rewriter):
        self.url_rewriter = url_rewriter

    def rewrite(self, cookie_str, header='Set-Cookie'):
        results = []
-        cookie_str = self.UTC_RX.sub('\\1GMT', cookie_str)
+        cookie_str = self.REMOVE_EXPIRES.sub('', cookie_str)
        try:
            cookie = SimpleCookie(cookie_str)
        except CookieError:
--- a/pywb/rewrite/test/test_cookie_rewriter.py
+++ b/pywb/rewrite/test/test_cookie_rewriter.py
@ -89,38 +89,45 @@ def rewrite_cookie(cookie_str, rewriter=urlrewriter, scope='default'):
    return cookie_rewriter(rewriter).rewrite(cookie_str)


+# ============================================================================
@pytest.mark.skipif(sys.version_info < (2,7), reason='Unsupported')
-def test_with_expires():
-    # keep expires
-    res = rewrite_cookie('abc=def; Path=/file.html; Expires=Wed, 13 Jan 2021 22:23:01 GMT', urlrewriter2, 'coll')
-    assert len(res) == 1
-    assert res[0][1].lower() == 'abc=def; expires=wed, 13 jan 2021 22:23:01 gmt; path=/preview/em_/http://example.com/file.html'
+class TestCookies(object):
+    def test_remove_expires(self):
+        res = rewrite_cookie('abc=def; Path=/file.html; Expires=Wed, 13 Jan 2021 22:23:01 GMT', urlrewriter2, 'coll')
+        assert len(res) == 1
+        assert res[0][1].lower() == 'abc=def; path=/preview/em_/http://example.com/file.html'

-@pytest.mark.skipif(sys.version_info < (2,7), reason='Unsupported')
-def test_with_expires_utc_replace():
-    # keep expires, UTC->GMT
-    res = rewrite_cookie('abc=def; Path=/file.html; Expires=Wed, 13 Jan 2021 22:23:01 UTC', urlrewriter2, 'coll')
-    assert len(res) == 1
-    assert res[0][1].lower() == 'abc=def; expires=wed, 13 jan 2021 22:23:01 gmt; path=/preview/em_/http://example.com/file.html'
-
-
-@pytest.mark.skipif(sys.version_info < (2,7), reason='Unsupported')
-def test_http_secure_flag():
-    res = rewrite_cookie('some=value; Domain=.example.com; Secure; Path=/diff/path/; HttpOnly; Max-Age=1500', urlrewriter, 'host')
-    assert len(res) == 1
-    assert res[0][1].lower() == 'some=value; httponly; path=/pywb/20131226101010/http://example.com/'
-
-@pytest.mark.skipif(sys.version_info < (2,7), reason='Unsupported')
-def test_secure_flag_remove():
-    # Secure Remove
-    res = rewrite_cookie('abc=def; Path=/file.html; HttpOnly; Secure', urlrewriter2, 'coll')
-    assert len(res) == 1
-    assert res[0][1].lower() == 'abc=def; httponly; path=/preview/em_/http://example.com/file.html'
-
-@pytest.mark.skipif(sys.version_info < (2,7), reason='Unsupported')
-def test_secure_flag_keep():
-    # Secure Keep
-    res = rewrite_cookie('abc=def; Path=/file.html; HttpOnly; Secure', urlrewriter3, 'coll')
-    assert res[0][1].lower() == 'abc=def; httponly; path=/preview/em_/http://example.com/file.html; secure'
+    def test_remove_expires_2(self):
+        res = rewrite_cookie('abc=def; Path=/file.html; Expires=Wed, 13 Jan 2021 22:23:01 UTC', urlrewriter2, 'coll')
+        assert len(res) == 1
+        assert res[0][1].lower() == 'abc=def; path=/preview/em_/http://example.com/file.html'
+
+    def test_remove_expires_3(self):
+        res = rewrite_cookie('abc=def; Path=/file.html; Expires=Wed, 13 Jan 2021 22:23:01 GMT; httponly; Max-Age=100', urlrewriter2, 'coll')
+        assert len(res) == 1
+        assert res[0][1].lower() == 'abc=def; httponly; max-age=100; path=/preview/em_/http://example.com/file.html'
+
+    def test_remove_expires_4(self):
+        res = rewrite_cookie('abc=def; Path=/file.html; Expires=Wed, 13 Jan 2021 22:23:01 GMT, foo=bar', urlrewriter2, 'coll')
+        assert len(res) == 2
+        res = sorted(res)
+        assert res[0][1].lower() == 'abc=def; path=/preview/em_/http://example.com/file.html,'
+        assert res[1][1].lower() == 'foo=bar'
+
+    def test_http_secure_flag(self):
+        res = rewrite_cookie('some=value; Domain=.example.com; Secure; Path=/diff/path/; HttpOnly; Max-Age=1500', urlrewriter, 'host')
+        assert len(res) == 1
+        assert res[0][1].lower() == 'some=value; httponly; path=/pywb/20131226101010/http://example.com/'
+
+    def test_secure_flag_remove(self):
+        # Secure Remove
+        res = rewrite_cookie('abc=def; Path=/file.html; HttpOnly; Secure', urlrewriter2, 'coll')
+        assert len(res) == 1
+        assert res[0][1].lower() == 'abc=def; httponly; path=/preview/em_/http://example.com/file.html'
+
+    def test_secure_flag_keep(self):
+        # Secure Keep
+        res = rewrite_cookie('abc=def; Path=/file.html; HttpOnly; Secure', urlrewriter3, 'coll')
+        assert res[0][1].lower() == 'abc=def; httponly; path=/preview/em_/http://example.com/file.html; secure'