Patch-Source: https://github.com/pallets-eco/secure-cookie/commit/4cf2f734ce3166b57ad110b45979c9215173b2a5
From 4cf2f734ce3166b57ad110b45979c9215173b2a5 Mon Sep 17 00:00:00 2001
From: Pieter-Jan Dewitte <pj.dewitte@gmail.com>
Date: Sat, 11 Jun 2022 01:29:57 +0200
Subject: [PATCH] Support Werkzeug version 2.1.0+ (#90)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Contributing.rst: correct typo

* pre-commit: update the Black version, outdated version produced an import error

* Support Werkzeug version 2.1.0+ (#89)

Co-authored-by: Pieter-Jan Dewitte <p.dewitte@rotterdamengineering.nl>
---
 .pre-commit-config.yaml     |  2 +-
 CHANGES.rst                 |  1 +
 CONTRIBUTING.rst            |  2 +-
 src/secure_cookie/cookie.py | 10 ++--------
 4 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/src/secure_cookie/cookie.py b/src/secure_cookie/cookie.py
index 0b1530e..804aae3 100644
--- a/src/secure_cookie/cookie.py
+++ b/src/secure_cookie/cookie.py
@@ -102,14 +102,13 @@ def application(request):
 import json as _json
 from datetime import datetime
 from hashlib import sha1 as _default_hash
+from hmac import compare_digest
 from hmac import new as hmac
 from numbers import Number
 from time import time
 
-from werkzeug.security import safe_str_cmp
 from werkzeug.urls import url_quote_plus
 from werkzeug.urls import url_unquote_plus
-from werkzeug.utils import detect_utf_encoding
 
 from ._compat import to_bytes
 from ._compat import to_native
@@ -144,11 +143,6 @@ def dumps(cls, obj, **kw):
 
     @staticmethod
     def loads(s, **kw):
-        if isinstance(s, bytes):
-            # Needed for Python < 3.6
-            encoding = detect_utf_encoding(s)
-            s = s.decode(encoding)
-
         return _json.loads(s, **kw)
 
 
@@ -341,7 +335,7 @@ def unserialize(cls, string, secret_key):
             except TypeError:
                 items = client_hash = None
 
-            if items is not None and safe_str_cmp(client_hash, mac.digest()):
+            if items is not None and compare_digest(client_hash, mac.digest()):
                 try:
                     for key, value in items.items():
                         items[key] = cls.unquote(value)