Opened 9 years ago

Closed 9 years ago

#25458 closed Bug (duplicate)

Cookie parse error with wrong django.contrib.message

Reported by: Maciej Pawlisz Owned by: Tim Graham
Component: HTTP handling Version: 1.8
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

I am using Django CMS and BrowserSync and after some action in admin I have the following Cookie header:

django_language=en; messages=8702c54129af91621524927d13d81146d5e2d409$[[\"__json_message\"\0540\05425\054\"stron\\u0119 \\\"Czego uczymy\\\" dodany pomy\\u015blnie.\"]]; sessionid=p5t47jhl24n5jks53a40sks2hhxdsot1; csrftoken=h976zQTkIMW9QhWWBAvwhC8q3xpgJ7s5

Unfortunately Django does not parse it correctly:

In [4]: cookie.parse_cookie('django_language=en; messages=8702c54129af9162152492
7d13d81146d5e2d409$[[\"__json_message\"\0540\05425\054\"stron\"]]; sessionid=p5t
47jhl24n5jks53a40sks2hhxdsot1; csrftoken=h976zQTkIMW9QhWWBAvwhC8q3xpgJ7s5')
Out[4]: {'django_language': 'en'}

As you can imagine sessions stop working, because parsing stops after first error.
Parse error is actually caused by BrowserSync (it does not send double quotes around message, I filed a bug report about that https://github.com/BrowserSync/browser-sync/issues/842). Unfortunately Django is not able to recover from that error, and this wrong cookie stays forever so you cannot log in, or send POST request to a website.

Everything works fine when I delete messages from the cookie:

In [5]: cookie.parse_cookie('django_language=en; sessionid=p5t47jhl24n5jks53a40s
ks2hhxdsot1; csrftoken=h976zQTkIMW9QhWWBAvwhC8q3xpgJ7s5')
Out[5]:
{'csrftoken': 'h976zQTkIMW9QhWWBAvwhC8q3xpgJ7s5',
 'django_language': 'en',
 'sessionid': 'p5t47jhl24n5jks53a40sks2hhxdsot1'}

My Python version is 2.7.10.

Change History (4)

comment:1 by Maciej Pawlisz, 9 years ago

Component: UncategorizedHTTP handling

comment:2 by Tim Graham, 9 years ago

Owner: changed from nobody to Tim Graham
Status: newassigned
Triage Stage: UnreviewedAccepted
Type: UncategorizedBug

Probably this report goes to Python as we are mostly using the standard library for parsing, but I can take care of that.

comment:4 by Tim Graham, 9 years ago

Resolution: duplicate
Status: assignedclosed

Marking as duplicate of the Python bug.

Note: See TracTickets for help on using tickets.
Back to Top