1616_logger = logging .getLogger (__name__ )
1717
1818
19+ def _share_cookie_across_all_subdomains (
20+ response : web .StreamResponse , params : aiohttp_session ._CookieParams
21+ ) -> aiohttp_session ._CookieParams :
22+ # share cookie across all subdomains, by appending a dot (`.`) in front of the domain name
23+ # overwrite domain from `None` (browser sets `example.com`) to `.example.com`
24+ request = response ._req # pylint:disable=protected-access # noqa: SLF001
25+ assert isinstance (request , web .Request ) # nosec
26+ params ["domain" ] = f".{ request .url .host }
27+ return params
28+
29+
1930class SharedCookieEncryptedCookieStorage (EncryptedCookieStorage ):
2031 async def save_session (
2132 self ,
@@ -35,19 +46,18 @@ def save_cookie(
3546 * ,
3647 max_age : int | None = None ,
3748 ) -> None :
38- params = self ._cookie_params .copy ()
39-
40- # share cookie accross all subdomains
41- # overwrite domain from `None` (browser sets `example.com`) to `.example.com`
42- request = response ._req # pylint:disable=protected-access # noqa: SLF001
43- assert isinstance (request , web .Request ) # nosec
44- params ["domain" ] = f".{ request .url .host }
49+ # NOTE: WARNING: the only difference between the superclass and this implementation
50+ # is the statement below where the domain name is set. Adjust in case the base library changes.
51+ params = _share_cookie_across_all_subdomains (
52+ response , self ._cookie_params .copy ()
53+ )
4554
4655 if max_age is not None :
4756 params ["max_age" ] = max_age
4857 t = time .gmtime (time .time () + max_age )
4958 params ["expires" ] = time .strftime ("%a, %d-%b-%Y %T GMT" , t )
5059 if not cookie_data :
60+
5161 response .del_cookie (
5262 self ._cookie_name , domain = params ["domain" ], path = params ["path" ]
5363 )
0 commit comments