Opened 13 years ago

Closed 13 years ago

#17931 closed Bug (fixed)

set_cookie timezone naive vs aware

Reported by: James Addison Owned by: Aymeric Augustin
Component: HTTP handling Version: dev
Severity: Release blocker Keywords: timezone, cookie
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

I appear to be unable to set a cookie when using the following in my settings and code:

from django.utils import timezone

TIME_ZONE = 'America/Vancouver'
USE_TZ=True

I get the following traceback:

Traceback (most recent call last):
  File "/Users/jaddison/projects/testproj/src/django/django/core/handlers/base.py", line 111, in get_response
    response = callback(request, *callback_args, **callback_kwargs)
  File "/Users/jaddison/projects/testproj/src/django/django/views/decorators/csrf.py", line 77, in wrapped_view
    return view_func(*args, **kwargs)
  File "/Users/jaddison/projects/testproj/project/apps/facebookapp/views.py", line 61, in tab
    response.set_cookie('referral_data', "page-%s" % page.id, expires=timezone.now() + datetime.timedelta(days=settings.SIGNUP_REFERRAL_COOKIE_DURATION))
  File "/Users/jaddison/projects/testproj/src/django/django/http/__init__.py", line 651, in set_cookie
    delta = expires - expires.utcnow()
TypeError: can't subtract offset-naive and offset-aware datetimes

I *think* that set_cookie needs to be checked for aware vs naive datetime handling, but I'm not sure. Am willing to provide more information upon request.

Attachments (1)

17931.diff (2.6 KB ) - added by Aymeric Augustin 13 years ago.

Download all attachments as: .zip

Change History (6)

comment:1 by Aymeric Augustin, 13 years ago

Owner: changed from nobody to Aymeric Augustin
Triage Stage: UnreviewedAccepted

comment:2 by Aymeric Augustin, 13 years ago

Has patch: set

set_cookie is a bit of a special case already -- its expires argument must be "a naive datetime in UTC", while everything else happens (well, used to happen) in local time in Django. If you use it, you probably have either TIME_ZONE = "UTC" or some conversion code.

Anyway, with aware datetimes being the standard when USE_TZ = True, and the general recommendation to use timezone.now() (as facebookapp does in the traceback above), it makes sense to accept them in set_cookie. Does the attached patch fix your problem?

Last edited 13 years ago by Aymeric Augustin (previous) (diff)

by Aymeric Augustin, 13 years ago

Attachment: 17931.diff added

comment:3 by Aymeric Augustin, 13 years ago

I just checked that there are no other uses of utcnow in Django, except in code related to time zone support.

comment:4 by James Addison, 13 years ago

Yes, the code now works - and it makes sense that it needs to work with naive datetimes internally when setting the cookie. Nice work.

Not sure if I should resolve the bug as fixed or not... I'll leave that for others as I don't want to step on toes.

comment:5 by Aymeric Augustin, 13 years ago

Resolution: fixed
Status: newclosed

In [17766]:

Fixed #17931 -- Accepted aware datetimes to set cookies expiry dates. Thanks jaddison for the report.

Note: See TracTickets for help on using tickets.
Back to Top