Support Cookie CHIPS
CHIPS, Cookies Having Independent Partitioned State, allows for
cookies to be opted into partitioned storage which is especially
useful for third-party cookies.
pgjones committed Feb 27, 2024
1 parent 817aac4 commit 000609c
Showing 3 changed files with 25 additions and 0 deletions.
8 changes: 8 additions & 0 deletions CHANGES.rst
@@ -1,5 +1,13 @@
.. currentmodule:: werkzeug

Version 3.1.0
-------------

Unreleased

- Support Cookie CHIPS (Partitioned Cookies). :issue:`2797`


Version 3.0.1
-------------

9 changes: 9 additions & 0 deletions src/werkzeug/http.py
@@ -1216,6 +1216,7 @@ def dump_cookie(
sync_expires: bool = True,
max_size: int = 4093,
samesite: str | None = None,
partitioned: bool = False,
) -> str:
"""Create a Set-Cookie header without the ``Set-Cookie`` prefix.
@@ -1252,9 +1253,13 @@ def dump_cookie(
<cookie_>`_. Set to 0 to disable this check.
:param samesite: Limits the scope of the cookie such that it will
only be attached to requests if those requests are same-site.
:param partitioned: Opts the cookie into partitioned storage.
.. _`cookie`: http://browsercookielimits.squawky.net/
.. versionchanged:: 3.1
The ``partitioned`` parameter was added.
.. versionchanged:: 3.0
Passing bytes, and the ``charset`` parameter, were removed.
@@ -1298,6 +1303,9 @@ def dump_cookie(
if samesite not in {"Strict", "Lax", "None"}:
raise ValueError("SameSite must be 'Strict', 'Lax', or 'None'.")

if partitioned and not secure:
raise ValueError("Patitioned cookies must also be secure")

# Quote value if it contains characters not allowed by RFC 6265. Slash-escape with
# three octal digits, which matches http.cookies, although the RFC suggests base64.
if not _cookie_no_quote_re.fullmatch(value):
@@ -1319,6 +1327,7 @@ def dump_cookie(
("HttpOnly", httponly),
("Path", path),
("SameSite", samesite),
("Partitioned", partitioned),
):
if v is None or v is False:
continue
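Review bot: The error message added in the `if partitioned and not secure:` check is misspelled ("Patitioned"); since callers and logs will surface this text, it should read `raise ValueError("Partitioned cookies must also be secure")`. The new `:param partitioned:` entry also does not state the contract the code enforces, so I would extend it with a sentence saying that `secure` must be true and that `ValueError` is raised otherwise. It may be worth noting in the same place that a partitioned cookie meant for cross-site embeds generally also needs `samesite="None"`, which this function does not check. The body of `dump_cookie` starts and ends outside these hunks.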
8 changes: 8 additions & 0 deletions tests/test_http.py
@@ -576,6 +576,14 @@ def test_cookie_samesite_invalid(self):
with pytest.raises(ValueError):
http.dump_cookie("foo", "bar", samesite="invalid")

def test_cookie_partitioned(self):
value = http.dump_cookie("foo", "bar", partitioned=True, secure=True)
assert value == "foo=bar; Secure; Path=/; Partitioned"

def test_cookie_partitioned_invalid(self):
with pytest.raises(ValueError):
http.dump_cookie("foo", "bar", partitioned=True, secure=False)


class TestRange:
def test_if_range_parsing(self):
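Review bot: `test_cookie_partitioned_invalid` accepts any `ValueError`, so it would still pass if a different validation in `dump_cookie` raised first. Pinning the message with `pytest.raises(ValueError, match="must also be secure")` ties the test to the Secure check. It also covers only an explicit `secure=False`; a second case that omits `secure` would exercise the more likely caller mistake, e.g. `http.dump_cookie("foo", "bar", partitioned=True)` (assuming the default is false; the `secure` parameter line is not in the visible hunks). The enclosing test class begins outside the hunk.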