Webware for Python

Hi all,

to have cookies lasting longer than a session does, I had to set
"expires=dd-MMM-YYYY" where - and that's kind of strange - dd-MMM-YYYY could
be a date in the past, e.g. "01-Jan-2001".

Class WebKit/Cookie does not provide a method "setExpires()" or
"setExpiryDate()", so I had to write

cookieUser = Cookie('cookieUserName', "%s %s" % (user.addressNameFirst(),
user.addressNameLast()))
cookieUser._cookie['expires'] = "01-Jan-2001"

Is the intention of class Cookie, that it is subclassed by me?

There is a method setMaxAge(). I did not find a description for max-age as I
did for expires (found it in "ASP in a Nutshell"). How has setMaxAge() to be
used? I tried setMaxAge("02-Apr-2001") and setMaxAge("+1d").


Best regards
Franz GEIGER

Re: [Webware-discuss] Webware 0.5 and Cookies: How to use setMaxAge()? From: Chuck Esterbrook <echuck@mi...> - 2001-04-01 17:50 At 06:59 PM 4/1/2001 +0200, F. GEIGER wrote: >Hi all, > >to have cookies lasting longer than a session does, I had to set >"expires=dd-MMM-YYYY" where - and that's kind of strange - dd-MMM-YYYY could >be a date in the past, e.g. "01-Jan-2001". > >Class WebKit/Cookie does not provide a method "setExpires()" or >"setExpiryDate()", so I had to write > >cookieUser = Cookie('cookieUserName', "%s %s" % (user.addressNameFirst(), >user.addressNameLast())) >cookieUser._cookie['expires'] = "01-Jan-2001" > >Is the intention of class Cookie, that it is subclassed by me? > >There is a method setMaxAge(). I did not find a description for max-age as I >did for expires (found it in "ASP in a Nutshell"). How has setMaxAge() to be >used? I tried setMaxAge("02-Apr-2001") and setMaxAge("+1d"). Regarding your subclassing question, the answer is No, it is not our intention that you should have to subclass Cookie in order to set standard attributes or do typical things. WebKit.Cookie.setMaxAge() is a bit of a "pass through" method whose implementation simply sets the "max-age" attribute of the underlying cookie implementation. def setMaxAge(self, maxAge): self._cookie['max-age'] = maxAge I got 'max-age' from Tim O'Malley cookie module. I borrowed the "setMaxAge()" name from the Java Servlet spec. You mention the 'expires' attribute, but I'm not even aware of this. O'Malley's module mentions RFC 2109, so I searched for it on Google.com: http://www.google.com/search?q=RFC+2109 And found the first copy here: http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc2109.html It defines Max-Age like so: Max-Age=delta-seconds Optional. The Max-Age attribute defines the lifetime of the cookie, in seconds. The delta-seconds value is a decimal non- negative integer. After delta-seconds seconds elapse, the client should discard the cookie. A value of zero means the cookie should be discarded immediately. So try passing an integer to setMaxAge() and let us know how that works for you: cookie.setMaxAge(30*24*60*60) # expire in 30 days -Chuck

AW: [Webware-discuss] Webware 0.5 and Cookies: How to use setMaxAge()? From: F. GEIGER <fgeiger@da...> - 2001-04-01 18:20 > "setMaxAge()" name from the Java Servlet spec. You mention the 'expires' > attribute, but I'm not even aware of this. O'Malley's module mentions RFC In WebUtils/Cookie.py I found: class Morsel(UserDict): # RFC 2109 lists these attributes as reserved: # path comment domain # max-age secure version # # For historical reasons, these attributes are also reserved: # expires # # This dictionary provides a mapping from the lowercase # variant on the left to the appropriate traditional # formatting on the right. _reserved = { "expires" : "expires", "path" : "Path", "comment" : "Comment", "domain" : "Domain", "max-age" : "Max-Age", "secure" : "secure", "version" : "Version", } _reserved_keys = _reserved.keys() So "expires" seems to be something deprecated. I followed your link http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc2109.html and found: 10.1.2 Expires and Max-Age Netscape's original proposal defined an Expires header that took a date value in a fixed-length variant format in place of Max-Age: Wdy, DD-Mon-YY HH:MM:SS GMT Note that the Expires date format contains embedded spaces, and that "old" cookies did not have quotes around values. Clients that implement to this specification should be aware of "old" cookies and Expires. > So try passing an integer to setMaxAge() and let us know how that > works for > you: > > cookie.setMaxAge(30*24*60*60) # expire in 30 days No, it didn't. I'll stick with "expires" for now. BTW: I use MSIE 5.5. Best regards Franz > -----Ursprüngliche Nachricht----- > Von: Chuck Esterbrook [mailto:echuck@...] > Gesendet: Sonntag, 01. April 2001 19:47 > An: fgeiger@...; Webware-discuss > Betreff: Re: [Webware-discuss] Webware 0.5 and Cookies: How to use > setMaxAge()? > > > At 06:59 PM 4/1/2001 +0200, F. GEIGER wrote: > >Hi all, > > > >to have cookies lasting longer than a session does, I had to set > >"expires=dd-MMM-YYYY" where - and that's kind of strange - > dd-MMM-YYYY could > >be a date in the past, e.g. "01-Jan-2001". > > > >Class WebKit/Cookie does not provide a method "setExpires()" or > >"setExpiryDate()", so I had to write > > > >cookieUser = Cookie('cookieUserName', "%s %s" % (user.addressNameFirst(), > >user.addressNameLast())) > >cookieUser._cookie['expires'] = "01-Jan-2001" > > > >Is the intention of class Cookie, that it is subclassed by me? > > > >There is a method setMaxAge(). I did not find a description for > max-age as I > >did for expires (found it in "ASP in a Nutshell"). How has > setMaxAge() to be > >used? I tried setMaxAge("02-Apr-2001") and setMaxAge("+1d"). > > Regarding your subclassing question, the answer is No, it is not our > intention that you should have to subclass Cookie in order to set > standard > attributes or do typical things. > > WebKit.Cookie.setMaxAge() is a bit of a "pass through" method whose > implementation simply sets the "max-age" attribute of the > underlying cookie > implementation. > > def setMaxAge(self, maxAge): > self._cookie['max-age'] = maxAge > > I got 'max-age' from Tim O'Malley cookie module. I borrowed the > "setMaxAge()" name from the Java Servlet spec. You mention the 'expires' > attribute, but I'm not even aware of this. O'Malley's module mentions RFC > 2109, so I searched for it on Google.com: > http://www.google.com/search?q=RFC+2109 > > And found the first copy here: > http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc2109.html > > It defines Max-Age like so: > > Max-Age=delta-seconds > Optional. The Max-Age attribute defines the lifetime of the cookie, in > seconds. The delta-seconds value is a decimal non- negative > integer. After > delta-seconds seconds elapse, the client should discard the > cookie. A value > of zero means the cookie should be discarded immediately. > > > So try passing an integer to setMaxAge() and let us know how that > works for > you: > > cookie.setMaxAge(30*24*60*60) # expire in 30 days > > > -Chuck > >

Re: [Webware-discuss] Webware 0.5 and Cookies: How to use setMaxAge()? From: Tripp Lilley <tlilley@pe...> - 2001-04-02 05:15 On Sun, 1 Apr 2001, Chuck Esterbrook wrote: > I got 'max-age' from Tim O'Malley cookie module. I borrowed the > "setMaxAge()" name from the Java Servlet spec. You mention the 'expires' > attribute, but I'm not even aware of this. O'Malley's module mentions RFC > 2109, so I searched for it on Google.com: > http://www.google.com/search?q=RFC+2109 For future reference, when you're looking for an IETF RFC, the "shortest path to the source" is this URL formula: http://www.ietf.org/rfc/rfcNNNN.txt where "NNNN" is the RFC number prefixed with zeroes as necessary to make a four digit number. (thus sayeth http://www.ietf.org). > It defines Max-Age like so: > > Max-Age=delta-seconds > Optional. The Max-Age attribute defines the lifetime of the cookie, in > seconds. The delta-seconds value is a decimal non- negative integer. After > delta-seconds seconds elapse, the client should discard the cookie. A value > of zero means the cookie should be discarded immediately. Since there are documented incompatibilities (or, rather, inconsistencies) in the way different browsers implement max-age, expires, and other cache control directives, might I suggest that Webware's cookie module acquire some "l33t skillz" for dealing with these opaquely in addition to transparently? That is, Webware's cookie module could / should support a "setTimeout" (I'm not wed to that name) method that takes a timeout expressed in some canonical form, and either a) translates it into a set of Expires / Max-Age headers for the cookie that will "work" in all browsers, or uses the User-Agent header to pick the "correct" mechanism for that user agent... No, I'm not volunteering, I'm suggesting. I'm an idea guy :) -- Joy-Loving * Tripp Lilley * http://stargate.eheart.sg505.net/~tlilley/ ------------------------------------------------------------------------------ "Fiber makes you poop." -- From <http://www.pvponline.com/bts_studio.php3>

Re: [Webware-discuss] Webware 0.5 and Cookies: How to use setMaxAge()? From: Chuck Esterbrook <echuck@mi...> - 2001-04-02 14:39 At 05:10 AM 4/2/2001 +0000, Tripp Lilley wrote: >On Sun, 1 Apr 2001, Chuck Esterbrook wrote: > > > I got 'max-age' from Tim O'Malley cookie module. I borrowed the > > "setMaxAge()" name from the Java Servlet spec. You mention the 'expires' > > attribute, but I'm not even aware of this. O'Malley's module mentions RFC > > 2109, so I searched for it on Google.com: > > http://www.google.com/search?q=RFC+2109 > >For future reference, when you're looking for an IETF RFC, the "shortest >path to the source" is this URL formula: > > http://www.ietf.org/rfc/rfcNNNN.txt > >where "NNNN" is the RFC number prefixed with zeroes as necessary to make a >four digit number. (thus sayeth http://www.ietf.org). Thanks, but I'll never remember that. Perhaps you can convince Google to go there when anyone enters "rfcNNNN" in the search box and hits "I'm feeling lucky". > > It defines Max-Age like so: > > > > Max-Age=delta-seconds > > Optional. The Max-Age attribute defines the lifetime of the cookie, in > > seconds. The delta-seconds value is a decimal non- negative integer. After > > delta-seconds seconds elapse, the client should discard the cookie. A > value > > of zero means the cookie should be discarded immediately. > >Since there are documented incompatibilities (or, rather, inconsistencies) >in the way different browsers implement max-age, expires, and other cache >control directives, might I suggest that Webware's cookie module acquire >some "l33t skillz" for dealing with these opaquely in addition to >transparently? > >That is, Webware's cookie module could / should support a "setTimeout" >(I'm not wed to that name) method that takes a timeout expressed in some >canonical form, and either a) translates it into a set of Expires / >Max-Age headers for the cookie that will "work" in all browsers, or uses >the User-Agent header to pick the "correct" mechanism for that user >agent... > >No, I'm not volunteering, I'm suggesting. I'm an idea guy :) I like the suggestion and thought of it earlier, but don't have to time to pursue it right now. I only use cookies for temporary sessions or really long living bytes of info, like remembering your user name. But I welcome contributions. :-) In any case, I'll note this on my Webware TO DO list so that it happens eventually. -Chuck

Re: [Webware-discuss] Webware 0.5 and Cookies: How to use setMaxAge()? From: Tripp Lilley <tlilley@pe...> - 2001-04-02 21:44 On Mon, 2 Apr 2001, Chuck Esterbrook wrote: > >For future reference, when you're looking for an IETF RFC, the "shortest > >path to the source" is this URL formula: > > > > http://www.ietf.org/rfc/rfcNNNN.txt > > > >where "NNNN" is the RFC number prefixed with zeroes as necessary to make a > >four digit number. (thus sayeth http://www.ietf.org). > > Thanks, but I'll never remember that. Perhaps you can convince Google to go > there when anyone enters "rfcNNNN" in the search box and hits "I'm feeling > lucky". That's a good idea, and I'll send them mail suggesting it. In the meantime, here are a couple of ways I thought of to make it easier for you to remember: 1) bookmark it 2) remember that RFCs are the purview of the IETF, so go to http://www.ietf.org/ and note the link called "RFC Pages" For the record, I never remember that fancy URL form above, but I did manage to scrape together enough braincells to commit suggestion 2 to memory ;) > But I welcome contributions. :-) Freeloader. ;-) -- Joy-Loving * Tripp Lilley * http://stargate.eheart.sg505.net/~tlilley/ ------------------------------------------------------------------------------ "Fiber makes you poop." -- From <http://www.pvponline.com/bts_studio.php3>

Re: [Webware-discuss] Webware 0.5 and Cookies: How to use setMaxAge()? From: Terrel Shumway <tshumway@tr...> - 2001-04-02 22:18 Tripp Lilley wrote: > On Mon, 2 Apr 2001, Chuck Esterbrook wrote: > > > >For future reference, when you're looking for an IETF RFC, the "shortest > > >path to the source" is this URL formula: > > > > > > http://www.ietf.org/rfc/rfcNNNN.txt > > > > > >where "NNNN" is the RFC number prefixed with zeroes as necessary to make a > > >four digit number. (thus sayeth http://www.ietf.org). > > > > Thanks, but I'll never remember that. Perhaps you can convince Google to go > > there when anyone enters "rfcNNNN" in the search box and hits "I'm feeling > > lucky". > > That's a good idea, and I'll send them mail suggesting it. Google already does better than that: it takes you to the page that has the most inbound links. If Ohio State formats the RFC into a pretty HTML document that is more popular than the official boring .txt file, then you get the nicer version. If noone has done a better job, you will very likely get the IEFT version. (Plus, you get all this with no special-case rules.) I really like Google's strategy for filtering out junk. I will never again use anything else to discover a company's real domain name. The masses tend to favor the legitimate source. For example, if I type in "Ford Motor Company" it is very unlikely that I will get a squatter who registered ford.com before the internet showed up on anyone's radar.

Offtopic: Canonical RFC Source (was Re: [Webware-discuss] Webware 0.5 and Cookies: How to use setMaxAge()?) From: Tripp Lilley <tlilley@pe...> - 2001-04-02 23:06 On Mon, 2 Apr 2001, Terrel Shumway wrote: > Google already does better than that: it takes you to the page that has > the most inbound links. If Ohio State formats the RFC into a pretty HTML > document that is more popular than the official boring .txt file, then > you get the nicer version. If noone has done a better job, you will > very likely get the IEFT version. (Plus, you get all this with no > special-case rules.) > > I really like Google's strategy for filtering out junk. I will never > again use anything else to discover a company's real domain name. The > masses tend to favor the legitimate source. For example, if I type in > "Ford Motor Company" it is very unlikely that I will get a squatter who > registered ford.com before the internet showed up on anyone's radar. While I appreciate Google's search mechanism, and agree with you about "never again us[ing] anything else", in this particular case, the IETF pages -are- the canonical source for the RFCs. This is a case in which "the masses" do not "favor the legitimate source". As a practical matter, you can argue that, with RFCs, it doesn't "matter" as long as an alternative source doesn't -alter- the content of the RFC (just its presentation), since an RFC is immutable, once it moves from I-D (Internet Draft) to RFC. However, it's still useful to know the -authoritative- source of the documents, should any dispute arise. -- Joy-Loving * Tripp Lilley * http://stargate.eheart.sg505.net/~tlilley/ ------------------------------------------------------------------------------ "Fiber makes you poop." -- From <http://www.pvponline.com/bts_studio.php3>

Re: Offtopic: Canonical RFC Source (was Re: [Webware-discuss] Webware 0.5 and Cookies: How to use setMaxAge()?) From: Terrel Shumway <tshumway@tr...> - 2001-04-03 00:17 Tripp Lilley wrote: > While I appreciate Google's search mechanism, and agree with you about > "never again us[ing] anything else", in this particular case, the IETF > pages -are- the canonical source for the RFCs. This is a case in which > "the masses" do not "favor the legitimate source". Ok. Interpreting "legitimate source" strictly, not in this case. > As a practical matter, you can argue that, with RFCs, it doesn't "matter" > as long as an alternative source doesn't -alter- the content of the RFC > (just its presentation), since an RFC is immutable, once it moves from I-D > (Internet Draft) to RFC. However, it's still useful to know the > -authoritative- source of the documents, should any dispute arise. In this case, if you know enough to care, then you already know where to find the authoritative source. :-) If OSU makes a mistake on an important RFC, they will have 50 emails pointing it out before the googlebot ever makes its rounds.

Re: Offtopic: Canonical RFC Source (was Re: [Webware-discuss] Webware 0.5 and Cookies: How to use setMaxAge()?) From: Tripp Lilley <tlilley@pe...> - 2001-04-03 06:01 On Mon, 2 Apr 2001, Terrel Shumway wrote: > In this case, if you know enough to care, then you already know where to > find the authoritative source. :-) If OSU makes a mistake on an > important RFC, they will have 50 emails pointing it out before the > googlebot ever makes its rounds. Of course :) For the record, my main point in discussing this here is to "spread the word" about the IETF and RFCs in general. Since I've "gotten active" again on a couple of project lists, all of which have an "on the wire" component, I've been really surprised at how many people -don't- know what the canonical source is for the standards that make up the 'net. There was a time when you could take it for granted that anyone writing socket code had a stack of RFCs printed out next to them. It's no longer that time, so I make a point of directing people to the IETF whenever it seems appropriate... In other words, I'm not picking on anyone, I'm just trying to be a helpful citizen :) -- Joy-Loving * Tripp Lilley * http://stargate.eheart.sg505.net/~tlilley/ ------------------------------------------------------------------------------ "Fiber makes you poop." -- From <http://www.pvponline.com/bts_studio.php3>

[Webware-discuss] Attributes vs keys From: Mike Orr <iron@ms...> - 2001-04-06 19:29 Regarding your question on whether we should support both attribute access and key access for the same thing: agreed, it's inelegant to do both. However, one cannot always predict which type of access will make the most sense for the top-level application. I use attribute access when the attributes are more or less static and I refer to them mostly as literals. But key access is more convenient if most uses will be iterating through a for-loop or passing object.__dict__ to the "%" operator, because "object[key]" is easier to read than "setattr(object, 'key')". If we have to choose one or the other, key access is certainly more flexible. Attribute access does bring with it the ambiguity that "highly dynamic" attributes created by the top-level user are mixed together with the "more static" constants and methods used by the superclass, so any looping code has to check whether the current attribute is one or the other. -- -Mike (Iron) Orr, iron@... (if mail problems: mso@...) http://mso.oz.net/ English * Esperanto * Russkiy * Deutsch * Espan~ol

Re: [Webware-discuss] Attributes vs keys From: Tavis Rudd <tavis@ca...> - 2001-04-06 19:34 After my initial enthusiasm for both, I'd prefer to just stick with keys. Tavis

Re: [Webware-discuss] Attributes vs keys From: Chuck Esterbrook <echuck@mi...> - 2001-04-06 20:31 At 12:28 PM 4/6/2001 -0700, Mike Orr wrote: >Attribute access does bring with it the ambiguity that >"highly dynamic" attributes created by the top-level user are mixed >together with the "more static" constants and methods used by the >superclass, so any looping code has to check whether the current attribute is >one or the other. Thanks for saying that before I did. On that basis, I don't want to see the "dynamic attribute" thing done for cookies, headers, etc. -Chuck

1 message has been excluded from this view by a project administrator.