Loading django/contrib/sessions/backends/signed_cookies.py +3 −1 Original line number Diff line number Diff line Loading @@ -17,7 +17,9 @@ class SessionStore(SessionBase): # This doesn't handle non-default expiry dates, see #19201 max_age=settings.SESSION_COOKIE_AGE, salt='django.contrib.sessions.backends.signed_cookies') except (signing.BadSignature, ValueError): except Exception: # BadSignature, ValueError, or unpickling exceptions. If any of # these happen, reset the session. self.create() return {} Loading tests/sessions_tests/tests.py +12 −0 Original line number Diff line number Diff line Loading @@ -17,6 +17,9 @@ from django.contrib.sessions.backends.signed_cookies import \ from django.contrib.sessions.exceptions import InvalidSessionKey from django.contrib.sessions.middleware import SessionMiddleware from django.contrib.sessions.models import Session from django.contrib.sessions.serializers import ( JSONSerializer, PickleSerializer, ) from django.core import management from django.core.cache import caches from django.core.cache.backends.base import InvalidCacheBackendError Loading Loading @@ -632,3 +635,12 @@ class CookieSessionTests(SessionTestsMixin, unittest.TestCase): def test_actual_expiry(self): # The cookie backend doesn't handle non-default expiry dates, see #19201 super(CookieSessionTests, self).test_actual_expiry() def test_unpickling_exception(self): # signed_cookies backend should handle unpickle exceptions gracefully # by creating a new session self.assertEqual(self.session.serializer, JSONSerializer) self.session.save() self.session.serializer = PickleSerializer self.session.load() Loading
django/contrib/sessions/backends/signed_cookies.py +3 −1 Original line number Diff line number Diff line Loading @@ -17,7 +17,9 @@ class SessionStore(SessionBase): # This doesn't handle non-default expiry dates, see #19201 max_age=settings.SESSION_COOKIE_AGE, salt='django.contrib.sessions.backends.signed_cookies') except (signing.BadSignature, ValueError): except Exception: # BadSignature, ValueError, or unpickling exceptions. If any of # these happen, reset the session. self.create() return {} Loading
tests/sessions_tests/tests.py +12 −0 Original line number Diff line number Diff line Loading @@ -17,6 +17,9 @@ from django.contrib.sessions.backends.signed_cookies import \ from django.contrib.sessions.exceptions import InvalidSessionKey from django.contrib.sessions.middleware import SessionMiddleware from django.contrib.sessions.models import Session from django.contrib.sessions.serializers import ( JSONSerializer, PickleSerializer, ) from django.core import management from django.core.cache import caches from django.core.cache.backends.base import InvalidCacheBackendError Loading Loading @@ -632,3 +635,12 @@ class CookieSessionTests(SessionTestsMixin, unittest.TestCase): def test_actual_expiry(self): # The cookie backend doesn't handle non-default expiry dates, see #19201 super(CookieSessionTests, self).test_actual_expiry() def test_unpickling_exception(self): # signed_cookies backend should handle unpickle exceptions gracefully # by creating a new session self.assertEqual(self.session.serializer, JSONSerializer) self.session.save() self.session.serializer = PickleSerializer self.session.load()
