Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fixed #18781 -- Reduced max session cookie size.

  • Loading branch information...
commit 4e1fd38bd6f007b6bb4cc57a0a841b78475a9d26 1 parent 6add617
@aaugustin aaugustin authored
View
8 django/contrib/messages/storage/cookie.py
@@ -46,10 +46,10 @@ class CookieStorage(BaseStorage):
Stores messages in a cookie.
"""
cookie_name = 'messages'
- # We should be able to store 4K in a cookie, but Internet Explorer
- # imposes 4K as the *total* limit for a domain. To allow other
- # cookies, we go for 3/4 of 4K.
- max_cookie_size = 3072
+ # uwsgi's default configuration enforces a maximum size of 4kb for all the
+ # HTTP headers. In order to leave some room for other cookies and headers,
+ # restrict the session cookie to 1/2 of 4kb. See #18781.
+ max_cookie_size = 2048
not_finished = '__messagesnotfinished__'
def _get(self, *args, **kwargs):
View
10 django/contrib/messages/tests/base.py
@@ -152,7 +152,7 @@ def test_full_request_response_cycle(self):
cycle.
"""
data = {
- 'messages': ['Test message %d' % x for x in range(10)],
+ 'messages': ['Test message %d' % x for x in range(5)],
}
show_url = reverse('django.contrib.messages.tests.urls.show')
for level in ('debug', 'info', 'success', 'warning', 'error'):
@@ -170,7 +170,7 @@ def test_full_request_response_cycle(self):
@override_settings(MESSAGE_LEVEL=constants.DEBUG)
def test_with_template_response(self):
data = {
- 'messages': ['Test message %d' % x for x in range(10)],
+ 'messages': ['Test message %d' % x for x in range(5)],
}
show_url = reverse('django.contrib.messages.tests.urls.show_template_response')
for level in self.levels.keys():
@@ -194,7 +194,7 @@ def test_multiple_posts(self):
before a GET.
"""
data = {
- 'messages': ['Test message %d' % x for x in range(10)],
+ 'messages': ['Test message %d' % x for x in range(5)],
}
show_url = reverse('django.contrib.messages.tests.urls.show')
messages = []
@@ -226,7 +226,7 @@ def test_middleware_disabled(self):
when one attempts to store a message.
"""
data = {
- 'messages': ['Test message %d' % x for x in range(10)],
+ 'messages': ['Test message %d' % x for x in range(5)],
}
show_url = reverse('django.contrib.messages.tests.urls.show')
for level in ('debug', 'info', 'success', 'warning', 'error'):
@@ -251,7 +251,7 @@ def test_middleware_disabled_fail_silently(self):
raised if 'fail_silently' = True
"""
data = {
- 'messages': ['Test message %d' % x for x in range(10)],
+ 'messages': ['Test message %d' % x for x in range(5)],
'fail_silently': True,
}
show_url = reverse('django.contrib.messages.tests.urls.show')
Please sign in to comment.
Something went wrong with that request. Please try again.