I'm not sure why this fails, but as you can see, when the input is made somewhat large, aiohttp-session seems to fail silently without raising errors or warnings.
Expected behavior: Raise error when input size is larger than allowed size.
A small example:
import time
import base64
from cryptography import fernet
from aiohttp import web
from aiohttp.web import Request, Response
from aiohttp_session import setup, get_session
from aiohttp_session.cookie_storage import EncryptedCookieStorage
async def handler(request: Request) -> Response:
session = await get_session(request)
other_thing = session['other_thing'] if 'other_thing' in session else None
last_visit = session['last_visit'] if 'last_visit' in session else None
session['last_visit'] = time.time()
to_string = "a"*2900
session['other_thing'] = to_string
text = f'Last visited: {last_visit}, other_thing: {other_thing}'
return web.Response(text=text)
def make_app():
app = web.Application()
# secret_key must be 32 url-safe base64-encoded bytes
fernet_key = fernet.Fernet.generate_key()
secret_key = base64.urlsafe_b64decode(fernet_key)
setup(app, EncryptedCookieStorage(secret_key))
app.router.add_get('/', handler)
return app
web.run_app(make_app(), host="localhost")
I'm not sure why this fails, but as you can see, when the input is made somewhat large,
aiohttp-sessionseems to fail silently without raising errors or warnings.Expected behavior: Raise error when input size is larger than allowed size.
A small example: