[Django] #23596: request.session.save() raise TypeError: [<Group: Admin user>] is not JSON serializable

124 views
Skip to first unread message

Django

unread,
Oct 3, 2014, 5:39:10 PM10/3/14
to django-...@googlegroups.com
#23596: request.session.save() raise TypeError: [<Group: Admin user>] is not JSON
serializable
-------------------------+-------------------------------------------------
Reporter: caot | Owner: nobody
Type: Bug | Status: new
Component: | Version: 1.7
contrib.sessions | Keywords: session save serializer dumps JSON
Severity: Normal | serializable
Triage Stage: | Has patch: 0
Unreviewed | UI/UX: 1
Easy pickings: 0 |
-------------------------+-------------------------------------------------
request.session.save() raise TypeError: [<Group: Admin user>] is not JSON
serializable

it's the auth.models.Group.objects.all() that is not JSON serializable. it
worked perfect well upto django 1.5.

Django 1.5:

{{{
def encode(self, session_dict):
"Returns the given session dictionary pickled and encoded as a
string."
pickled = pickle.dumps(session_dict, pickle.HIGHEST_PROTOCOL)
hash = self._hash(pickled)
return base64.b64encode(hash.encode() + b":" +
pickled).decode('ascii')
}}}

Django 1.7:


{{{
def encode(self, session_dict):
"Returns the given session dictionary serialized and encoded as a
string."
serialized = self.serializer().dumps(session_dict)
hash = self._hash(serialized)
return base64.b64encode(hash.encode() + b":" +
serialized).decode('ascii')
}}}


it looks there is some issue with self.serializer().

--
Ticket URL: <https://code.djangoproject.com/ticket/23596>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

Django

unread,
Oct 3, 2014, 6:15:04 PM10/3/14
to django-...@googlegroups.com
#23596: request.session.save() raise TypeError: [<Group: Admin user>] is not JSON
serializable
-------------------------------------+-------------------------------------
Reporter: caot | Owner: nobody
Type: Bug | Status: closed
Component: contrib.sessions | Version: 1.7
Severity: Normal | Resolution: invalid
Keywords: session save | Triage Stage:
serializer dumps JSON | Unreviewed
serializable | Needs documentation: 0
Has patch: 0 | Patch needs improvement: 0
Needs tests: 0 | UI/UX: 1
Easy pickings: 0 |
-------------------------------------+-------------------------------------
Changes (by charettes):

* status: new => closed
* needs_docs: => 0
* resolution: => invalid
* needs_tests: => 0
* needs_better_patch: => 0


Comment:

For [https://docs.djangoproject.com/en/1.7/topics/http/sessions/#session-
serialization documented security reasons] sessions are serialized using
JSON instead of `pickle` since Django 1.6.

If you want to store a collection of model instances using
`django.contrib.sessions.serializers.JSONSerializer` I suggest you convert
it to a list of primary keys instead:

{{{#!python
sessions['groups'] = [group.pk for group in groups]
}}}

--
Ticket URL: <https://code.djangoproject.com/ticket/23596#comment:1>

Reply all
Reply to author
Forward
0 new messages