diff options
| -rw-r--r-- | pyramid/session.py | 2 | ||||
| -rw-r--r-- | pyramid/tests/test_session.py | 18 |
2 files changed, 19 insertions, 1 deletions
diff --git a/pyramid/session.py b/pyramid/session.py index 9e0733661..d3a4113b9 100644 --- a/pyramid/session.py +++ b/pyramid/session.py @@ -565,7 +565,7 @@ def SignedCookieSessionFactory( if deserialize is None: deserialize = pickle.loads - digestmod = lambda: hashlib.new(hashalg) + digestmod = lambda string=b'': hashlib.new(hashalg, string) digest_size = digestmod().digest_size salted_secret = bytes_(salt or '') + bytes_(secret) diff --git a/pyramid/tests/test_session.py b/pyramid/tests/test_session.py index c13d3ce5c..a9f70d6a0 100644 --- a/pyramid/tests/test_session.py +++ b/pyramid/tests/test_session.py @@ -370,6 +370,24 @@ class TestSignedCookieSession(SharedCookieSessionTests, unittest.TestCase): session = self._makeOne(request) self.assertEqual(session, {}) + def test_very_long_key(self): + verylongkey = b'a' * 1024 + import webob + request = testing.DummyRequest() + session = self._makeOne(request, secret=verylongkey) + session['a'] = 1 + callbacks = request.response_callbacks + self.assertEqual(len(callbacks), 1) + response = webob.Response() + + try: + result = callbacks[0](request, response) + except TypeError as e: # pragma: no cover + self.fail('HMAC failed to initialize due to key length.') + + self.assertEqual(result, None) + self.assertTrue('Set-Cookie' in dict(response.headerlist)) + class TestUnencryptedCookieSession(SharedCookieSessionTests, unittest.TestCase): def setUp(self): super(TestUnencryptedCookieSession, self).setUp() |