#35066 closed Bug (invalid)

Unsupported operand exception in response.py

Reported by: PaddyKe Owned by: nobody
Component: HTTP handling Version: 5.0
Severity: Normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description

Hi, when using the Django-Revproxy Plugin I stumbled across an error when cookies are being set.

Error message:

Internal Server Error: /login
Traceback (most recent call last):
  File "<projekt path>/venv/lib/python3.11/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
               ^^^^^^^^^^^^^^^^^^^^^
  File "<projekt path>/venv/lib/python3.11/site-packages/django/core/handlers/base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "<projekt path>/venv/lib/python3.11/site-packages/django/views/generic/base.py", line 104, in view
    return self.dispatch(request, *args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "<projekt path>/venv/lib/python3.11/site-packages/django/contrib/auth/mixins.py", line 73, in dispatch
    return super().dispatch(request, *args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "<projekt path>/venv/lib/python3.11/site-packages/revproxy/views.py", line 247, in dispatch
    response = get_django_response(proxy_response,
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "<projekt path>/venv/lib/python3.11/site-packages/revproxy/response.py", line 64, in get_django_response
    response.set_cookie(**cookie_dict)
  File "<projekt path>/venv/lib/python3.11/site-packages/django/http/response.py", line 264, in set_cookie
    self.cookies[key]["expires"] = http_date(time.time() + max_age)
                                             ~~~~~~~~~~~~^~~~~~~~~
TypeError: unsupported operand type(s) for +: 'float' and 'str'
ERROR:django.request:Internal Server Error: /login
Traceback (most recent call last):
  File "<projekt path>/venv/lib/python3.11/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
               ^^^^^^^^^^^^^^^^^^^^^
  File "<projekt path>/venv/lib/python3.11/site-packages/django/core/handlers/base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "<projekt path>/venv/lib/python3.11/site-packages/django/views/generic/base.py", line 104, in view
    return self.dispatch(request, *args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "<projekt path>/venv/lib/python3.11/site-packages/django/contrib/auth/mixins.py", line 73, in dispatch
    return super().dispatch(request, *args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "<projekt path>/venv/lib/python3.11/site-packages/revproxy/views.py", line 247, in dispatch
    response = get_django_response(proxy_response,
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "<projekt path>/venv/lib/python3.11/site-packages/revproxy/response.py", line 64, in get_django_response
    response.set_cookie(**cookie_dict)
  File "<projekt path>/venv/lib/python3.11/site-packages/django/http/response.py", line 264, in set_cookie
    self.cookies[key]["expires"] = http_date(time.time() + max_age)
                                             ~~~~~~~~~~~~^~~~~~~~~
TypeError: unsupported operand type(s) for +: 'float' and 'str'

The error gets thrown in HttpResponseBase-class in the set_cookie-method and it should be easy to fix.
Currently, the important part of the set_cookie-method looks as follows:

        if max_age is not None:
            if isinstance(max_age, datetime.timedelta):
                max_age = max_age.total_seconds()
            self.cookies[key]["max-age"] = int(max_age)
            # IE requires expires, so set it if hasn't been already.
            if not expires:
                self.cookies[key]["expires"] = http_date(time.time() + max_age)


In the last line of this snipped (line 264 in the response.py) max_age is a string and should be converted to int before adding it to time.time().
The code fix could look like this:

self.cookies[key]["expires"] = http_date(time.time() + int(max_age))

Change History (1)

comment:1 by Mariusz Felisiak, 10 months ago

Resolution: invalid
Status: newclosed

Thanks for this report, however str is not supported as max_age as documented:

max_age should be a timedelta object, an integer number of seconds, or None

Note: See TracTickets for help on using tickets.
Back to Top