I am working on a Python CGI web tool that allows a user to traverse through a long list of xml elements, where each element appears on the screen one at a time. The tool allows the user to make changes to editable fields and creates a report of the deltas, as well as a copy of the new edited xml.
The tool has a log in screen where the user selects themself from a menu of predefined editors, and the user supplies the project password to gain access to the data.
When the user log in is validated, the script sets a cookie in the user’s browser that consists of the user’s name, xml file, and last page number. In this post I am going to describe how to set that cookie.
1. Setting the cookie needs to be the FIRST thing that happens in the HTTP response, every time the server responds to a GET or POST event from the browser. For example, either by:
- loading the URL to the python cgi script – which is a ‘GET’,
- or by posting something from a web form – which is a ‘POST’,
2. The logic in the cgi script must be ordered to make sure this is always the case. With every HTTP response, nothing should be printed to the browser via Content-type: text/html
until AFTER the cookie is taken care of.
Here is how to set the cookie:
import Cookie
- Instantiate a new
SimpleCookie()
object:c = Cookie.SimpleCookie()
- Treat the SimpleCookie object as if it is a dictionary. The key will be the name of the cookie, and the value can be a string of key-value pairs, separated by pipe symbols. For example:
c['xml_edit_tool'] = 'Chris Nielsen|xml_file=important_part6.txt|place=2'
- Finally, print the cookie object ‘c’ to the browser. Do this before printing anything else to the browser with
"Content-type: text/html\r\n"
Here is the complete code for setting the cookie:
#!C:\Python27\python.exe -u import Cookie c = Cookie.SimpleCookie() c['xml_edit_tool'] = 'Chris Nielsen|xml_file=important_part6.txt|place=2' # Output the HTTP message containing the cookie BEFORE Content-type text/html! print c print "Content-type: text/html\r\n"
The complete header that is sent from the server via print c
looks like this:
Set-Cookie: xml_edit_tool="Chris Nielsen|xml_file=important_part6.txt|place=2"
In Firefox, you can check to make sure that your cookie is there: