Skip to content

Commit c0f9017

Browse files
[PR #7821/366ba40f backport][3.9] Only check origin if insecure scheme and there are origins to treat as secure, in CookieJar.filter_cookies() (#7825)
**This is a backport of PR #7821 as merged into master (366ba40).** Co-authored-by: Rongrong <[email protected]>
1 parent 9d498ca commit c0f9017

File tree

2 files changed

+7
-7
lines changed

2 files changed

+7
-7
lines changed

CHANGES/7821.feature

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Only check origin if insecure scheme and there are origins to treat as secure, in ``CookieJar.filter_cookies()``.

aiohttp/cookiejar.py

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -248,14 +248,13 @@ def filter_cookies(
248248
return filtered
249249
request_url = URL(request_url)
250250
hostname = request_url.raw_host or ""
251-
request_origin = URL()
252-
with contextlib.suppress(ValueError):
253-
request_origin = request_url.origin()
254251

255-
is_not_secure = (
256-
request_url.scheme not in ("https", "wss")
257-
and request_origin not in self._treat_as_secure_origin
258-
)
252+
is_not_secure = request_url.scheme not in ("https", "wss")
253+
if is_not_secure and self._treat_as_secure_origin:
254+
request_origin = URL()
255+
with contextlib.suppress(ValueError):
256+
request_origin = request_url.origin()
257+
is_not_secure = request_origin not in self._treat_as_secure_origin
259258

260259
# Point 2: https://www.rfc-editor.org/rfc/rfc6265.html#section-5.4
261260
for cookie in sorted(self, key=lambda c: len(c["path"])):

0 commit comments

Comments
 (0)