webapp cookie handling

Skip to first unread message


May 8, 2008, 5:40:36 PM5/8/08
to Google App Engine
I know the subject has come up in other threads, but I haven't found a
clear answer on how to handle cookies under webapp.

I ended up using Cookie.py like this.

Setting a cookie (in this case, named "preview"):
C = Cookie.SmartCookie()
C['preview'] = preview
self.response.headers.add_header('Set-Cookie', C.output(header='') )

and then read it like this:

C = Cookie.SmartCookie()
if C.has_key('preview'):
preview = C['preview'].value

It looked OK, but then I noticed some warnings in the console Log that
Cookie.py is insecure and that it is depreceated.

So, what is the right way to handle (multiple) cookies, including
setting path, domain, etc.?

(I know I could use Django, etc, don't point me there. I need to use
webapp for now.)

Kevin Damm

May 9, 2008, 3:12:42 AM5/9/08
to Google App Engine
The WebOb reference
mentions cookies in the Request and Response objects (for reading and
writing, respectively).

However, attempting to use the cookie dictionary in self.request or
use the set_cookie function of self.response both fail in a
RequestHandler. So, I would also like to know the recommended way of
using cookies in a webapp-based AppEngine application.

- Kevin


May 9, 2008, 5:46:27 AM5/9/08
to Google App Engine
Here's how I did it. I don't set the path in this, but I'm sure once
you're able to have the cookies sent, you can just use the reference
to see how to properly have a path included.

# Set cookies for auto-fill
cookie = Cookie.SimpleCookie(self.request.headers.get('Cookie'))
cookie['pyib_name'] = self.request.get('name')
if post.email.lower() != 'sage' and post.email.lower() != 'age':
cookie['pyib_email'] = post.email
cookie['pyib_password'] = post.password
self.response.headers['Set-cookie'] = str(cookie)

On May 9, 12:12 am, Kevin Damm <kbd...@gmail.com> wrote:
> The WebOb referencehttp://pythonpaste.org/webob/reference.html


May 9, 2008, 9:54:30 AM5/9/08
to Google App Engine
>     cookie = Cookie.SimpleCookie(self.request.headers.get('Cookie'))

The problem is (as I mentioned in my first post) that AppEngine
creates a depreciation warning about Cookie.py.
(Go to AppEngine Console ->Logs->Warnings)

It works, but it's not the best way :-(

-- panayotis.
Reply all
Reply to author
0 new messages