Ticket #1406: turbogears_visit_cookie_timeout.patch

File turbogears_visit_cookie_timeout.patch, 1.6 kB (added by j, 1 year ago)

ie and safari will not save cookies with max-age set, has to be expires

  • turbogears/visit/api.py

    old new  
    33import threading 
    44from random import random 
    55from datetime import timedelta, datetime 
     6import time 
    67 
    78import cherrypy 
    89import pkg_resources 
     
    125126        self.cookie_secure= get( "visit.cookie.secure", False ) 
    126127        # By default, I don't specify the cookie domain. 
    127128        self.cookie_domain= get( "visit.cookie.domain", None ) 
     129        self.cookie_max_age = int(get( "visit.timeout", "20")) * 60 
    128130        assert self.cookie_domain!="localhost", \ 
    129131               "localhost is not a valid value for visit.cookie.domain. Try None instead." 
    130132 
     
    194196        cookies= cherrypy.response.simple_cookie 
    195197        cookies[self.cookie_name]= visit_key 
    196198        cookies[self.cookie_name]['path']= self.cookie_path 
     199        # We'd like to use the "max-age" param as 
     200        #   http://www.faqs.org/rfcs/rfc2109.html indicates but IE doesn't 
     201        #   save it to disk and the session is lost if people close 
     202        #   the browser 
     203        #   So we have to use the old "expires" ... sigh ... 
     204        #cookies[self.cookie_name]['max-age']= self.cookie_max_age 
     205        gmt_expiration_time = time.gmtime(time.time() + self.cookie_max_age) 
     206        cookies[self.cookie_name]['expires'] = time.strftime( 
     207                        "%a, %d-%b-%Y %H:%M:%S GMT", gmt_expiration_time) 
    197208        if self.cookie_secure: 
    198209            cookies[self.cookie_name]['secure']= True 
    199210        if self.cookie_domain: