Browse Source

Theme cookie tween: only affect GET requests

I was seeing some strange behavior from this tween on non-GET requests,
where a huge number of Set-Cookie headers were being added. I'm not sure
exactly what was causing this, but it's not necessary to do on non-GET
requests anyway, so this should be safer.
merge-requests/64/head
Deimos 6 years ago
parent
commit
7c53b09816
  1. 4
      tildes/tildes/tweens.py

4
tildes/tildes/tweens.py

@ -72,6 +72,10 @@ def theme_cookie_tween_factory(handler: Callable, registry: Registry) -> Callabl
"""Set the theme cookie if needed (currently always, see comment below).""" """Set the theme cookie if needed (currently always, see comment below)."""
response = handler(request) response = handler(request)
# only set the cookie on GET requests
if request.method.upper() != "GET":
return response
current_theme = request.cookies.get("theme", "") current_theme = request.cookies.get("theme", "")
if not current_theme and request.user: if not current_theme and request.user:
current_theme = request.user.theme_default current_theme = request.user.theme_default

Loading…
Cancel
Save