5

问题

在 django 视图中使用set_test_cookie无法实际设置测试 cookie,我不知道为什么。

重现步骤

实际项目比这复杂得多,但是,在一个几乎空的项目中,错误是可以重现的。

$ virtualenv venv
$ source venv/bin/activate
(venv)$ pip install django
(venv)$ django-admin.py startproject hellodjango .
(venv)$ python manage.py startapp polls

设置.py

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
        'NAME': 'database.db',                      # Or path to database file if using sqlite3.
        'USER': '',                      # Not used with sqlite3.
        'PASSWORD': '',                  # Not used with sqlite3.
        'HOST': '',                      # Set to empty string for localhost. Not used with sqlite3.
        'PORT': '',                      # Set to empty string for default. Not used with sqlite3.
    }
}

网址.py

from django.conf.urls import patterns, include, url

urlpatterns = patterns('',
    url(r'^login/$', 'hellodjango.polls.views.login'),
)

民意调查/views.py

from django.shortcuts import render_to_response
from django.http import HttpResponse

def login(request):
    if request.method == 'POST':
        if request.session.test_cookie_worked():
            request.session.delete_test_cookie()
            return HttpResponse("You're logged in.")
        else:
            return HttpResponse("Please enable cookies and try again.")
    request.session.set_test_cookie()
    return HttpResponse("Look ma, no cookies!")


(venv)$python manage.py runserver

浏览器

转到 localhost:8000/login/ 并注意您的 get 请求没有显示响应 cookie,其名称testcookie和值workedset_test_cookie source一致。

4

1 回答 1

6

Actually, it works! You might want to visit your website with cookies disabled and see for yourself.

Anyway, here's the explanation:

If you look at the source for set_test_cookie, you'll notice that it actually sets a variable in the current session, not a cookie or anything (at least, not directly).

Here's how it works:

  1. You call set_test_cookie, a key of TEST_COOKIE_NAME and of value TEST_COOKIE_VALUE is added to your current session.
  2. You current session was modified (check the __setitem__ method), so a sessionid (1) cookie will be sent (2)
  3. When you POST data in your next request, django checks whether the key TEST_COOKIE_NAME happens to be in your session data and has the right value.

If it does, it means we were able to retrieve your session from your request, so that the sessionid cookie we used to identify you was sent back (lest we wouldn't have been able to retrieve your session), so you must support cookies.

Hope this makes things clearer to you; if it doesn't, I think you should look into the details of how HTTP works.

Notes

(1) Or whatever the SESSION_COOKIE_NAME setting sets.
(2) Actually, a sessionid cookie will be sent even if the session was not altered if the SESSION_SAVE_EVERY_REQUEST setting is true

于 2012-06-02T23:29:40.400 回答