Backport patch to not ascribe cookies to the target domain
This commit is contained in:
Ralph Bean
parent
32d2729e74
commit
2665991eea
22
python-requests-dont-ascribe-cookies.patch
Normal file
22
python-requests-dont-ascribe-cookies.patch
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
From 3bd8afbff29e50b38f889b2f688785a669b9aafc Mon Sep 17 00:00:00 2001
|
||||||
|
From: Cory Benfield <lukasaoz@gmail.com>
|
||||||
|
Date: Sat, 14 Mar 2015 08:49:55 +0000
|
||||||
|
Subject: [PATCH] Don't ascribe cookies to the target domain.
|
||||||
|
|
||||||
|
---
|
||||||
|
requests/sessions.py | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/requests/sessions.py b/requests/sessions.py
|
||||||
|
index 4f30696..9d5498c 100644
|
||||||
|
--- a/requests/sessions.py
|
||||||
|
+++ b/requests/sessions.py
|
||||||
|
@@ -171,7 +171,7 @@ def resolve_redirects(self, resp, req, stream=False, timeout=None,
|
||||||
|
except KeyError:
|
||||||
|
pass
|
||||||
|
|
||||||
|
- extract_cookies_to_jar(prepared_request._cookies, prepared_request, resp.raw)
|
||||||
|
+ extract_cookies_to_jar(prepared_request._cookies, req, resp.raw)
|
||||||
|
prepared_request._cookies.update(self.cookies)
|
||||||
|
prepared_request.prepare_cookies(prepared_request._cookies)
|
||||||
|
|
||||||
@ -6,7 +6,7 @@
|
|||||||
|
|
||||||
Name: python-requests
|
Name: python-requests
|
||||||
Version: 2.5.3
|
Version: 2.5.3
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
Summary: HTTP library, written in Python, for human beings
|
Summary: HTTP library, written in Python, for human beings
|
||||||
|
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
@ -19,6 +19,10 @@ Patch0: python-requests-system-cert-bundle.patch
|
|||||||
# Remove an unnecessary reference to a bundled compat lib in urllib3
|
# Remove an unnecessary reference to a bundled compat lib in urllib3
|
||||||
Patch1: python-requests-remove-nested-bundling-dep.patch
|
Patch1: python-requests-remove-nested-bundling-dep.patch
|
||||||
|
|
||||||
|
# Backport fix for CVE-2015-2296
|
||||||
|
# https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc
|
||||||
|
Patch2: python-requests-dont-ascribe-cookies.patch
|
||||||
|
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
BuildRequires: python2-devel
|
BuildRequires: python2-devel
|
||||||
BuildRequires: python-chardet
|
BuildRequires: python-chardet
|
||||||
@ -61,6 +65,8 @@ designed to make HTTP requests easy for developers.
|
|||||||
%patch0 -p1
|
%patch0 -p1
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
|
|
||||||
|
%patch2 -p1
|
||||||
|
|
||||||
# Unbundle the certificate bundle from mozilla.
|
# Unbundle the certificate bundle from mozilla.
|
||||||
rm -rf requests/cacert.pem
|
rm -rf requests/cacert.pem
|
||||||
|
|
||||||
@ -141,6 +147,9 @@ popd
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Mar 16 2015 Ralph Bean <rbean@redhat.com> - 2.5.3-2
|
||||||
|
- Backport fix for CVE-2015-2296.
|
||||||
|
|
||||||
* Thu Feb 26 2015 Ralph Bean <rbean@redhat.com> - 2.5.3-1
|
* Thu Feb 26 2015 Ralph Bean <rbean@redhat.com> - 2.5.3-1
|
||||||
- new version
|
- new version
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user