最近同事负责的项目后台访问的时候会出现部分cookie被吞掉并截断的情况,情况举例如下:
假如前台传过来的cookie为:
id=100; name=测试; token=957439858943845;
这时传到django后台后获取到的cookie就会从name开始截断,只剩下id=100这一个cookie信息。
通过后台抓包和ngnix日志输出定位到问题出在了django这一层,我负责的项目却没有这个问题,于是查看了二者的版本,他环境上的django版本是1.5.12,而我的django版本是1.8.17,难道真的是django版本的问题?于是就换了个环境分别测试了两个版本的访问情况,果然把1.5.12升级为1.8.17后就可以正常使用cookie了。
解决问题不能仅仅是解决,而是要搞清楚问题的原因在哪,于是我研究了一下django的两个版本源码对比,发现django1.5.12版本在处理cookie上使用了Cookie.SimpleCookie,源码对应的文件为django/django/http/cookie.py。
from __future__ import absolute_import, unicode_literals
from django.utils.encoding import force_str
from django.utils import six
from django.utils.six.moves import http_cookies
# Some versions of Python 2.7 and later won't need this encoding bug fix:
_cookie_encodes_correctly = http_cookies.SimpleCookie().value_encode(';') == (';', '"\\073"')
# See ticket #13007, http://bugs.python.org/issue2193 and http://trac.edgewall.org/ticket/2256
_tc = http_cookies.SimpleCookie()
try:
_tc.load(str('foo:bar=1'))
_cookie_allows_colon_in_names = True
except http_cookies.CookieError:
_cookie_allows_colon_in_names = False
if _cookie_encodes_correctly and _cookie_allows_colon_in_names:
SimpleCookie = http_cookies.SimpleCookie
else:
Morsel = http_cookies.Morsel
class SimpleCookie(http_cookies.SimpleCookie):
if not _cookie_encodes_correctly:
def value_encode(self, val):
# Some browsers do not support quoted-string from RFC 2109,
# including some versions of Safari and Internet Explorer.
# These browsers split on ';', and some versions of Safari
# are known to split on ', '. Therefore, we encode ';' and ','
# SimpleCookie already does the