Opened 9 years ago

Closed 9 years ago

#24422 closed Uncategorized (needsinfo)

Messages framework not correctly encoding messages

Reported by: YPCrumble Owned by: nobody
Component: Uncategorized Version: 1.7
Severity: Normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

I'm using Django 1.7.5. I added the messages framework that added a cookie to my machine. When I send a request from my browser, my cookie is included in the following raw_cookie string:

'djdttop=29; messages=71cd3671ca23bf7d6a599fb79d21a35c119780a4$\\"__json_message\\"\\0540\\05420\\054\\"This is my message.\\"]\\054[\\"__json_message\\"\\0540\\05425\\054\\"My second messages.\\"; sessionid=dqvje0lqh8czad0r7qxm2in4c7g3i25z; djdtRedirectsPanel=on; djdtSettingsPanel=off; djdtHeadersPanel=off; csrftoken=cRDz29PIcf0M2jmMgJdfehb8JUTvyPik; djdtTimerPanel=on; djdt=show'

When python tries to decode this string (using Cookie.SmartCookie), it only outputs: <SmartCookie: djdttop='29'>

It's because my messages have been improperly encoded. If you take out the messages from the string, the rest of the cookies decode fine. Somehow Django isn't correctly encoding the messages cookie and it's interrupting other cookies in my browser.

Change History (4)

comment:1 by Tim Graham, 9 years ago

If you are using Python 3.2.6, you are likely running into http://bugs.python.org/issue22758.

If not, can you reproduce the issue without Django Debug Toolbar? We'll likely need better steps to reproduce the issue.

comment:2 by YPCrumble, 9 years ago

I'm using Python 2.7.9.

I get the same issue when DjDT is not installed - the DjDT cookies just aren't there in that case, but the messages cookie still messes things up because it still has that $ in the middle.

I'm somewhat new - let me know what info you'd like me to provide? If it is an error I'd love to contribute a commit, but I haven't contributed to open source code before so I'm not sure how to make that happen.

I believe the error is getting caught in line 91 of django.http.cookie.py. The SimpleCookie referenced there can't access the messages cookie, which has that $ to split the cookie and the messages.

comment:3 by Tim Graham, 9 years ago

Steps to reproduce would include a code snippet of your usage of the messages framework (in a view I'd guess) and then the steps to reproduce the error using that code.

comment:4 by Tim Graham, 9 years ago

Resolution: needsinfo
Status: newclosed

Please reopen when you provide those steps. I can't reproduce a problem.

Note: See TracTickets for help on using tickets.
Back to Top