cookies (sashahart)

Common errors

• ImportError: cannot import name 'Cookies' from 'cookies'

  cause Attempting to use the `cookies` library in a Python environment where another module or package named 'cookies' exists or there's a typo in the import.
  fix Ensure `pip install cookies` was run correctly. If conflicts exist, rename your local script/module, or use a virtual environment. Confirm you are importing `Cookies` (capital C) and not `cookies` (lowercase c) from the package itself.

• AttributeError: 'Cookie' object has no attribute 'expires' (or 'path', 'domain', etc.)

  cause Attempting to access cookie attributes in a way that differs from the library's API or attempting to use a `dict`-like access for attributes instead of direct attribute access.
  fix Access cookie attributes using dot notation (e.g., `cookie.path = '/'`) directly on the `Cookie` object, as shown in the quickstart. The `Cookie` objects are not dictionaries themselves, though the `Cookies` collection object acts like a dictionary of `Cookie` objects.

Warnings

• breaking The library explicitly does NOT maintain backward compatibility with Python's standard library `Cookie.py` (now `http.cookies`), RFC 2109, or RFC 2965. Its API is different and it adheres strictly to RFC 6265.
  Fix: Do not treat this library as a drop-in replacement for `http.cookies`. Adapt your code to its distinct RFC 6265-compliant API.
• deprecated The library reached version 2.2.1 in September 2014 and has not been updated since. It is compatible with Python 2.6, 2.7, 3.2, 3.3, and PyPy (2.7), but is unlikely to work with newer Python 3.x versions (e.g., Python 3.4+).
  Fix: For new projects or modern Python environments (3.4+), consider using Python's built-in `http.cookies` or a more actively maintained third-party library if specific RFC 6265 strictness is not paramount, or if you require functionality beyond basic parsing/rendering.
• gotcha The library avoids providing a means to store pickled Python objects in cookie values due to security concerns, a feature present in older `Cookie.py` implementations (e.g., `SmartCookie`).
  Fix: Do not attempt to store complex Python objects directly as cookie values; serialize them to strings (e.g., JSON) if necessary, or store state server-side using a session ID.

Install

• pip install cookies Install latest version

Imports

• Cookies
  wrong:

  from http.cookies import SimpleCookie

  correct:

  from cookies import Cookies

  This library is designed as a replacement for http.cookies and has a different API.
• Cookie

  from cookies import Cookie

Quickstart

Demonstrates creating, manipulating, and rendering 'Set-Cookie' headers, and parsing 'Cookie' request headers.

from cookies import Cookies, Cookie

# Create a Cookies object for response headers
response_cookies = Cookies()
response_cookies['session_id'] = 'abc123def456'
response_cookies['session_id'].path = '/'
response_cookies['session_id'].max_age = 3600 # 1 hour

# You can also set using a Cookie object directly
my_cookie = Cookie('user', 'guest')
my_cookie.domain = 'example.com'
response_cookies.add(my_cookie)

print('Set-Cookie Headers:')
for header_line in response_cookies.render_response():
    print(header_line)

# Simulate receiving a Cookie header from a request
request_header_string = 'session_id=abc123def456; other_data=some_value'
request_cookies = Cookies.from_request(request_header_string)

print('\nParsed Request Cookies:')
for name, cookie in request_cookies.items():
    print(f"  {name}: {cookie.value}")

# Access a specific cookie
if 'session_id' in request_cookies:
    print(f"Session ID from request: {request_cookies['session_id'].value}")