Closed ajdavis closed 6 years ago
The original reporter is the only Twitter user who seems to trigger this bug. It must be related to this log message I just noticed:
/home/emptysquare/my-venv/local/lib/python2.7/site-packages/werkzeug/wrappers.py:1116: UserWarning: The "session" cookie is too large: the value was 5010 bytes but the header required 26 extra bytes. The final size was 5036 bytes but the limit is 4093 bytes. Browsers may silently ignore cookies larger than this.
Running the server locally doesn't trigger the bug, but in the context of PythonAnywhere's stack it must result in a corrupt cookie, or perhaps a request that's denied before it even reaches my application.
Only the a Twitter user's "lists" can cause unbounded data to be stored in the cookie. Try to store less info about each list to keep the cookie shorter.
Reported here, occasional HTTP 503 errors on proporti.onl during Twitter auth flow:
https://twitter.com/AidanBudd/status/969217821174583299
The application logs: