Create a Set-Cookie header without the ``Set-Cookie`` prefix. The return value is usually restricted to ascii as the vast majority of values are properly escaped, but that is no guarantee. It's tunneled through latin1 as required by :pep:`3333`. The return value is not ASCII safe i
(
key: str,
value: str = "",
max_age: timedelta | int | None = None,
expires: str | datetime | int | float | None = None,
path: str | None = "/",
domain: str | None = None,
secure: bool = False,
httponly: bool = False,
sync_expires: bool = True,
max_size: int = 4093,
samesite: str | None = None,
partitioned: bool = False,
)
| 1266 | |
| 1267 | |
| 1268 | def dump_cookie( |
| 1269 | key: str, |
| 1270 | value: str = "", |
| 1271 | max_age: timedelta | int | None = None, |
| 1272 | expires: str | datetime | int | float | None = None, |
| 1273 | path: str | None = "/", |
| 1274 | domain: str | None = None, |
| 1275 | secure: bool = False, |
| 1276 | httponly: bool = False, |
| 1277 | sync_expires: bool = True, |
| 1278 | max_size: int = 4093, |
| 1279 | samesite: str | None = None, |
| 1280 | partitioned: bool = False, |
| 1281 | ) -> str: |
| 1282 | """Create a Set-Cookie header without the ``Set-Cookie`` prefix. |
| 1283 | |
| 1284 | The return value is usually restricted to ascii as the vast majority |
| 1285 | of values are properly escaped, but that is no guarantee. It's |
| 1286 | tunneled through latin1 as required by :pep:`3333`. |
| 1287 | |
| 1288 | The return value is not ASCII safe if the key contains unicode |
| 1289 | characters. This is technically against the specification but |
| 1290 | happens in the wild. It's strongly recommended to not use |
| 1291 | non-ASCII values for the keys. |
| 1292 | |
| 1293 | :param max_age: should be a number of seconds, or `None` (default) if |
| 1294 | the cookie should last only as long as the client's |
| 1295 | browser session. Additionally `timedelta` objects |
| 1296 | are accepted, too. |
| 1297 | :param expires: should be a `datetime` object or unix timestamp. |
| 1298 | :param path: limits the cookie to a given path, per default it will |
| 1299 | span the whole domain. |
| 1300 | :param domain: Use this if you want to set a cross-domain cookie. For |
| 1301 | example, ``domain="example.com"`` will set a cookie |
| 1302 | that is readable by the domain ``www.example.com``, |
| 1303 | ``foo.example.com`` etc. Otherwise, a cookie will only |
| 1304 | be readable by the domain that set it. |
| 1305 | :param secure: The cookie will only be available via HTTPS |
| 1306 | :param httponly: disallow JavaScript to access the cookie. This is an |
| 1307 | extension to the cookie standard and probably not |
| 1308 | supported by all browsers. |
| 1309 | :param charset: the encoding for string values. |
| 1310 | :param sync_expires: automatically set expires if max_age is defined |
| 1311 | but expires not. |
| 1312 | :param max_size: Warn if the final header value exceeds this size. The |
| 1313 | default, 4093, should be safely `supported by most browsers |
| 1314 | <cookie_>`_. Set to 0 to disable this check. |
| 1315 | :param samesite: Limits the scope of the cookie such that it will |
| 1316 | only be attached to requests if those requests are same-site. |
| 1317 | :param partitioned: Opts the cookie into partitioned storage. This |
| 1318 | will also set secure to True |
| 1319 | |
| 1320 | .. _`cookie`: http://browsercookielimits.squawky.net/ |
| 1321 | |
| 1322 | .. versionchanged:: 3.1 |
| 1323 | The ``partitioned`` parameter was added. |
| 1324 | |
| 1325 | .. versionchanged:: 3.0 |