From 6d4ef85b8c44459a678be268e170471ba5cb52ab Mon Sep 17 00:00:00 2001
From: Eric Atkin <eatkin@certusllc.us>
Date: Mon, 22 Jun 2020 11:48:16 -0600
Subject: Only set a single cookie

---
 src/pyramid/authentication.py | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

(limited to 'src')

diff --git a/src/pyramid/authentication.py b/src/pyramid/authentication.py
index 1bddc1ff3..d5c5f8426 100644
--- a/src/pyramid/authentication.py
+++ b/src/pyramid/authentication.py
@@ -1025,24 +1025,20 @@ class AuthTktCookieHelper:
         self.hashalg = hashalg
 
     def _get_cookies(self, request, value, max_age=None):
-        cur_domain = request.domain
-
-        domains = []
         if self.domain:
-            domains.append(self.domain)
+            domain = self.domain
         else:
+            cur_domain = request.domain
             if self.parent_domain and cur_domain.count('.') > 1:
-                domains.append('.' + cur_domain.split('.', 1)[1])
+                domain = cur_domain.split('.', 1)[1]
+            elif self.wild_domain:
+                domain = cur_domain
             else:
-                domains.append(None)
-                if self.wild_domain:
-                    domains.append(cur_domain)
-                    domains.append('.' + cur_domain)
+                domain = None
 
         profile = self.cookie_profile(request)
 
-        kw = {}
-        kw['domains'] = domains
+        kw = {'domains': [domain]}
         if max_age is not None:
             kw['max_age'] = max_age
 
-- 
cgit v1.2.3