cookies: Make over18 cookie not IP-hashed.

The over18 cookie's IP hashing behavior is of dubious use and is not at all compatible with efficient CDN caching.
2026-04-27 03:00:12 -04:00 · 2013-01-16 14:32:10 -08:00
parent f7f94d5cd7
commit d14c00c1d9
2 changed files with 4 additions and 5 deletions
--- a/r2/r2/controllers/post.py
+++ b/r2/r2/controllers/post.py
@@ -143,10 +143,7 @@ class PostController(ApiController):
                c.user.pref_over_18 = True
                c.user._commit()
            else:
-                ip_hash = hashlib.sha1(request.ip).hexdigest()
-                domain = g.domain if not c.frameless_cname else None
-                c.cookies.add('over18', ip_hash,
-                              domain = domain)
+                c.cookies.add("over18", "1")
            return self.redirect(dest)
        else:
            return self.redirect('/')
--- a/r2/r2/controllers/reddit_base.py
+++ b/r2/r2/controllers/reddit_base.py
@@ -319,8 +319,10 @@ def over18():
    else:
        if 'over18' in c.cookies:
            cookie = c.cookies['over18'].value
-            if cookie == sha1(request.ip).hexdigest():
+            if cookie == "1":
                return True
+            else:
+                c.cookies["over18"] = Cookie(value="", expires=DELETE)

 def set_obey_over18():
    "querystring parameter for API to obey over18 filtering rules"