Re: [Django] #32643: CookieStorage for contrib.messages crashes after upgrade to django 3.2

Tue, 13 Apr 2021 04:28:25 -0700 

#32643: CookieStorage for contrib.messages crashes after upgrade to django 3.2
-------------------------------------+-------------------------------------
     Reporter:  Jan Pieter           |                    Owner:  nobody
  Waagmeester                        |
         Type:  Bug                  |                   Status:  new
    Component:  contrib.messages     |                  Version:  3.2
     Severity:  Normal               |               Resolution:
     Keywords:                       |             Triage Stage:
                                     |  Unreviewed
    Has patch:  0                    |      Needs documentation:  0
  Needs tests:  0                    |  Patch needs improvement:  0
Easy pickings:  0                    |                    UI/UX:  0
-------------------------------------+-------------------------------------
Description changed by Jan Pieter Waagmeester:

Old description:

> After upgrading to django 3.2, a prevously stored cookie for
> contrib.messages crashes in
>
> https://github.com/django/django/blob/d6314c4c2ef647efe0d12450214fc5b4a4055290/django/contrib/messages/storage/cookie.py#L175
>
> Django Version: 3.2
> Python Version: 3.8.2
>
> {{{
> Traceback (most recent call last):
>   File "/home/obs/virtualenv/lib/python3.8/site-
> packages/django/core/handlers/exception.py", line 47, in inner
>     response = get_response(request)
>   File "/home/obs/virtualenv/lib/python3.8/site-
> packages/django/utils/deprecation.py", line 119, in __call__
>     response = self.process_response(request, response)
>   File "/home/obs/virtualenv/lib/python3.8/site-
> packages/django/contrib/messages/middleware.py", line 23, in
> process_response
>     unstored_messages = request._messages.update(response)
>   File "/home/obs/virtualenv/lib/python3.8/site-
> packages/django/contrib/messages/storage/base.py", line 127, in update
>     messages = self._loaded_messages + self._queued_messages
>   File "/home/obs/virtualenv/lib/python3.8/site-
> packages/django/contrib/messages/storage/base.py", line 79, in
> _loaded_messages
>     messages, all_retrieved = self._get()
>   File "/home/obs/virtualenv/lib/python3.8/site-
> packages/django/contrib/messages/storage/fallback.py", line 25, in _get
>     messages, all_retrieved = storage._get()
>   File "/home/obs/virtualenv/lib/python3.8/site-
> packages/django/contrib/messages/storage/cookie.py", line 86, in _get
>     messages = self._decode(data)
>   File "/home/obs/virtualenv/lib/python3.8/site-
> packages/django/contrib/messages/storage/cookie.py", line 175, in _decode
>     return self.signer.unsign_object(data, serializer=MessageSerializer)
>   File "/home/obs/virtualenv/lib/python3.8/site-
> packages/django/core/signing.py", line 195, in unsign_object
>     data = b64_decode(base64d)
>   File "/home/obs/virtualenv/lib/python3.8/site-
> packages/django/core/signing.py", line 68, in b64_decode
>     return base64.urlsafe_b64decode(s + pad)
>   File "/usr/lib/python3.8/base64.py", line 133, in urlsafe_b64decode
>     return b64decode(s)
>   File "/usr/lib/python3.8/base64.py", line 87, in b64decode
>     return binascii.a2b_base64(s)
>
> Exception Type: Error at /user/login/
> Exception Value: Invalid base64-encoded string: number of data characters
> (369) cannot be 1 more than a multiple of 4
> }}}
>
> (redacted) contents of the 'messages' cookie:
> {{{
> '[["__json_message",0,25,"Successfully signed in as '
>  'ad...@example.org."],["__json_message",0,25,"Successfully '
>  'signed in as jieter."],["__json_message",0,25,"Ingelogd als '
>  'ad...@example.org."],["__json_message",0,25,"Ingelogd '
>  'als '
>  'ad...@example.org."],["__json_message",0,20,"Bevestigingsmail '
>  'verzonden naar t...@example.nl."],["__json_message",0,25,"Ingelogd '
>  'als '
>  't...@example.nl."]]:1lTkj1:j_3PlpYSKiqPTMAB6_p2Q00eE8j6k7n0Sg_-
> _IpXG7Y')
> }}}

New description:

 After upgrading to django 3.2, a previously stored cookie for
 contrib.messages crashes in

 
https://github.com/django/django/blob/d6314c4c2ef647efe0d12450214fc5b4a4055290/django/contrib/messages/storage/cookie.py#L175

 Django Version: 3.2
 Python Version: 3.8.2

 {{{
 Traceback (most recent call last):
   File "/home/obs/virtualenv/lib/python3.8/site-
 packages/django/core/handlers/exception.py", line 47, in inner
     response = get_response(request)
   File "/home/obs/virtualenv/lib/python3.8/site-
 packages/django/utils/deprecation.py", line 119, in __call__
     response = self.process_response(request, response)
   File "/home/obs/virtualenv/lib/python3.8/site-
 packages/django/contrib/messages/middleware.py", line 23, in
 process_response
     unstored_messages = request._messages.update(response)
   File "/home/obs/virtualenv/lib/python3.8/site-
 packages/django/contrib/messages/storage/base.py", line 127, in update
     messages = self._loaded_messages + self._queued_messages
   File "/home/obs/virtualenv/lib/python3.8/site-
 packages/django/contrib/messages/storage/base.py", line 79, in
 _loaded_messages
     messages, all_retrieved = self._get()
   File "/home/obs/virtualenv/lib/python3.8/site-
 packages/django/contrib/messages/storage/fallback.py", line 25, in _get
     messages, all_retrieved = storage._get()
   File "/home/obs/virtualenv/lib/python3.8/site-
 packages/django/contrib/messages/storage/cookie.py", line 86, in _get
     messages = self._decode(data)
   File "/home/obs/virtualenv/lib/python3.8/site-
 packages/django/contrib/messages/storage/cookie.py", line 175, in _decode
     return self.signer.unsign_object(data, serializer=MessageSerializer)
   File "/home/obs/virtualenv/lib/python3.8/site-
 packages/django/core/signing.py", line 195, in unsign_object
     data = b64_decode(base64d)
   File "/home/obs/virtualenv/lib/python3.8/site-
 packages/django/core/signing.py", line 68, in b64_decode
     return base64.urlsafe_b64decode(s + pad)
   File "/usr/lib/python3.8/base64.py", line 133, in urlsafe_b64decode
     return b64decode(s)
   File "/usr/lib/python3.8/base64.py", line 87, in b64decode
     return binascii.a2b_base64(s)

 Exception Type: Error at /user/login/
 Exception Value: Invalid base64-encoded string: number of data characters
 (369) cannot be 1 more than a multiple of 4
 }}}

 (redacted) contents of the 'messages' cookie:
 {{{
 '[["__json_message",0,25,"Successfully signed in as '
  'ad...@example.org."],["__json_message",0,25,"Successfully '
  'signed in as jieter."],["__json_message",0,25,"Ingelogd als '
  'ad...@example.org."],["__json_message",0,25,"Ingelogd '
  'als '
  'ad...@example.org."],["__json_message",0,20,"Bevestigingsmail '
  'verzonden naar t...@example.nl."],["__json_message",0,25,"Ingelogd '
  'als '
  't...@example.nl."]]:1lTkj1:j_3PlpYSKiqPTMAB6_p2Q00eE8j6k7n0Sg_-_IpXG7Y')
 }}}

--

-- 
Ticket URL: <https://code.djangoproject.com/ticket/32643#comment:1>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/064.9756e8552fcc9cc13b26d0f05dffecf4%40djangoproject.com.

Reply via email to