Remove the lock around the cookie parsing code.

The locking here was only ever needed for the old `regex` module that was originally used for this code, but that was replaced by the thread-safe `re` some 10 years ago (see r20110, april 2001).

Remove the lock around the cookie parsing code.
The locking here was only ever needed for the old `regex` module that was originally used for this code, but that was replaced by the thread-safe `re` some 10 years ago (see r20110, april 2001).
723d6976 · Martijn Pieters · 83c9815b · 723d6976 · 723d6976
Commit 723d6976 authored Oct 13, 2011 by Martijn Pieters
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 29 deletions

doc/CHANGES.rst doc/CHANGES.rst +4 -0

src/ZPublisher/HTTPRequest.py src/ZPublisher/HTTPRequest.py +20 -29

No files found.
--- a/doc/CHANGES.rst
+++ b/doc/CHANGES.rst
@@ -50,6 +50,10 @@ Features Added
 Restructuring
 +++++++++++++
+- Removed the (very obsolete) thread lock around the cookie parsing code
+  in HTTPRequest.py; the python `re` module is thread-safe, unlike the
+  ancient `regex` module that was once used here.
 - Removed the special handling of `Set-Cookie` headers in
  `HTTPResponse.setHeader`. Use the `setCookie`/`appendCookie`/`expireCookie`
  methods instead, or if low-level control is needed, use `addHeader` instead

--- a/src/ZPublisher/HTTPRequest.py
+++ b/src/ZPublisher/HTTPRequest.py
@@ -40,7 +40,6 @@ from AccessControl.tainted import TaintedString
 from ZPublisher.BaseRequest import BaseRequest
 from ZPublisher.BaseRequest import quote
 from ZPublisher.Converters import get_converter
-from ZPublisher.maybe_lock import allocate_lock
 # Flags
 SEQUENCE = 1
@@ -1649,7 +1648,6 @@ class FileUpload:
        return self
-parse_cookie_lock = allocate_lock()
 QPARMRE= re.compile(
        '([\x00- ]*([^\x00- ;,="]+)="([^"]*)"([\x00- ]*[;,])?[\x00- ]*)')
 PARMRE = re.compile(
@@ -1661,43 +1659,36 @@ def parse_cookie(text,
                 qparmre=QPARMRE,
                 parmre=PARMRE,
                 paramlessre=PARAMLESSRE,
-                 acquire=parse_cookie_lock.acquire,
-                 release=parse_cookie_lock.release,
                 ):
    if result is None:
        result = {}
-    acquire()
+    mo_q = qparmre.match(text)
-    try:
-        mo_q = qparmre.match(text)
+    if mo_q:
+        # Match quoted correct cookies
+        l = len(mo_q.group(1))
+        name = mo_q.group(2)
+        value = mo_q.group(3)
-        if mo_q:
+    else:
-            # Match quoted correct cookies
+        # Match evil MSIE cookies ;)
-            l = len(mo_q.group(1))
+        mo_p = parmre.match(text)
-            name = mo_q.group(2)
-            value = mo_q.group(3)
+        if mo_p:
+            l = len(mo_p.group(1))
+            name = mo_p.group(2)
+            value = mo_p.group(3)
        else:
-            # Match evil MSIE cookies ;)
+            # Broken Cookie without = nor value.
-            mo_p = parmre.match(text)
+            broken_p = paramlessre.match(text)
+            if broken_p:
-            if mo_p:
+                l = len(broken_p.group(1))
-                l = len(mo_p.group(1))
+                name = broken_p.group(2)
-                name = mo_p.group(2)
+                value = ''
-                value = mo_p.group(3)
            else:
-                # Broken Cookie without = nor value.
+                return result
-                broken_p = paramlessre.match(text)
-                if broken_p:
-                    l = len(broken_p.group(1))
-                    name = broken_p.group(2)
-                    value = ''
-                else:
-                    return result
-    finally:
-        release()
    if name not in result:
        result[name] = unquote(value)