search

QueraTeam / django-nextjs

Next.js integration for Django projects
MIT License
351 stars 18 forks source link

CookieError - Attempt to set a reserved key 'expires' #29

Closed mrxsal closed 1 year ago

mrxsal commented 1 year ago

I am occasionally getting this error in my logs coming from _render_nextjs_page_to_string:

CookieError at {path} Attempt to set a reserved key 'expires'

For some reason, bing's crawler/bot has a cookie name set with the name expires when it crawls my pages.

It seems that all cookies in the request are passed to _render_nextjs_page_to_string which then further processes it in aiohttp.ClientSession. Apparently it cannot handle cookies with reserved keywords. Perhaps we should sanitize the cookies by removing or ignoring the "expires" cookie name or any other cookie names with reserved keywords?

Full Traceback:

Traceback (most recent call last):
  File "/var/app/venv/staging-LQM1lest/lib/python3.8/site-packages/django/core/handlers/exception.py", line 47, in inner
    response = get_response(request)
  File "/var/app/venv/staging-LQM1lest/lib/python3.8/site-packages/django/core/handlers/base.py", line 181, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/lib64/python3.8/concurrent/futures/_base.py", line 432, in result
    return self.__get_result()
  File "/usr/lib64/python3.8/concurrent/futures/_base.py", line 388, in __get_result
    raise self._exception
  File "/var/app/current/home/views.py", line 31, in nextjs_space_detail_slug
    return await render_nextjs_page(request)
  File "/var/app/venv/staging-LQM1lest/lib/python3.8/site-packages/django_nextjs/render.py", line 148, in render_nextjs_page
    content, status, response_headers = await _render_nextjs_page_to_string(
  File "/var/app/venv/staging-LQM1lest/lib/python3.8/site-packages/django_nextjs/render.py", line 99, in _render_nextjs_page_to_string
    async with aiohttp.ClientSession(
  File "/var/app/venv/staging-LQM1lest/lib64/python3.8/site-packages/aiohttp/client.py", line 254, in __init__
    self._cookie_jar.update_cookies(cookies)
  File "/var/app/venv/staging-LQM1lest/lib64/python3.8/site-packages/aiohttp/cookiejar.py", line 172, in update_cookies
    tmp[name] = cookie  # type: ignore[assignment]
  File "/usr/lib64/python3.8/http/cookies.py", line 495, in __setitem__
    self.__set(key, rval, cval)
  File "/usr/lib64/python3.8/http/cookies.py", line 485, in __set
    M.set(key, real_value, coded_value)
  File "/usr/lib64/python3.8/http/cookies.py", line 350, in set
    raise CookieError('Attempt to set a reserved key %r' % (key,))
danialkeimasi commented 1 year ago

It's a good idea to exclude them. Thanks!