This file is indexed.

/usr/lib/python2.7/dist-packages/beaker/cookie.py is in python-beaker 1.8.1-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
import sys
from ._compat import http_cookies

# Some versions of Python 2.7 and later won't need this encoding bug fix:
_cookie_encodes_correctly = http_cookies.SimpleCookie().value_encode(';') == (';', '"\\073"')

# Cookie pickling bug is fixed in Python 2.7.9 and Python 3.4.3+
# http://bugs.python.org/issue22775
cookie_pickles_properly = (
    (sys.version_info[:2] == (2, 7) and sys.version_info >= (2, 7, 9)) or
    sys.version_info >= (3, 4, 3)
)


# Adapted from Django.http.cookies and always enabled the bad_cookies
# behaviour to cope with any invalid cookie key while keeping around
# the session.
class SimpleCookie(http_cookies.SimpleCookie):
    if not cookie_pickles_properly:
        def __setitem__(self, key, value):
            # Apply the fix from http://bugs.python.org/issue22775 where
            # it's not fixed in Python itself
            if isinstance(value, http_cookies.Morsel):
                # allow assignment of constructed Morsels (e.g. for pickling)
                dict.__setitem__(self, key, value)
            else:
                super(SimpleCookie, self).__setitem__(key, value)

    if not _cookie_encodes_correctly:
        def value_encode(self, val):
            # Some browsers do not support quoted-string from RFC 2109,
            # including some versions of Safari and Internet Explorer.
            # These browsers split on ';', and some versions of Safari
            # are known to split on ', '. Therefore, we encode ';' and ','

            # SimpleCookie already does the hard work of encoding and decoding.
            # It uses octal sequences like '\\012' for newline etc.
            # and non-ASCII chars. We just make use of this mechanism, to
            # avoid introducing two encoding schemes which would be confusing
            # and especially awkward for javascript.

            # NB, contrary to Python docs, value_encode returns a tuple containing
            # (real val, encoded_val)
            val, encoded = super(SimpleCookie, self).value_encode(val)

            encoded = encoded.replace(";", "\\073").replace(",", "\\054")
            # If encoded now contains any quoted chars, we need double quotes
            # around the whole string.
            if "\\" in encoded and not encoded.startswith('"'):
                encoded = '"' + encoded + '"'

            return val, encoded

    def load(self, rawdata):
        self.bad_cookies = set()
        super(SimpleCookie, self).load(rawdata)
        for key in self.bad_cookies:
            del self[key]

    # override private __set() method:
    # (needed for using our Morsel, and for laxness with CookieError
    def _BaseCookie__set(self, key, real_value, coded_value):
        try:
            super(SimpleCookie, self)._BaseCookie__set(key, real_value, coded_value)
        except http_cookies.CookieError:
            if not hasattr(self, 'bad_cookies'):
                self.bad_cookies = set()
            self.bad_cookies.add(key)
            dict.__setitem__(self, key, http_cookies.Morsel())