[tor-commits] [ooni-probe/master] Revert "Revert "ui/web/server.py: pass binary, not unicode cookies""

commit 897041c08eb6a54e8b181781718412d1500e9800 Author: Simone Basso bassosimone@gmail.com Date: Mon Sep 19 12:12:42 2016 +0200

Revert "Revert "ui/web/server.py: pass binary, not unicode cookies""

This reverts commit baee35fe51e70547e6128885ee0a97e1937d95d0 because apparently the error was on a unrelated code path. --- ooni/ui/web/server.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ooni/ui/web/server.py b/ooni/ui/web/server.py index eec82d3..385bf18 100644 --- a/ooni/ui/web/server.py +++ b/ooni/ui/web/server.py @@ -56,13 +56,13 @@ def xsrf_protect(check=True): @wraps(f) def wrapper(instance, request, *a, **kw): should_check = check and instance._enable_xsrf_protection - token_cookie = request.getCookie(u'XSRF-TOKEN') + token_cookie = request.getCookie(b'XSRF-TOKEN') token_header = request.getHeader(b"X-XSRF-TOKEN") if (token_cookie != instance._xsrf_token and instance._enable_xsrf_protection): - request.addCookie(u'XSRF-TOKEN', + request.addCookie(b'XSRF-TOKEN', instance._xsrf_token, - path=u'/') + path=b'/') if should_check and token_cookie != token_header: raise WebUIError(404, "Invalid XSRF token") return f(instance, request, *a, **kw) @@ -161,7 +161,7 @@ class WebUIAPI(object): # We use a double submit token to protect against XSRF rng = SystemRandom() token_space = string.letters+string.digits - self._xsrf_token = ''.join([rng.choice(token_space) + self._xsrf_token = b''.join([rng.choice(token_space) for _ in range(30)])

self._director_started = False