Flask – multiple session cookies with the same name

故事扮演 提交于 2021-01-21 04:22:04

问题


I have found a very strange problem in my Flask application. I discovered that in some circumstances multiple session cookies could be created with the same name. I attached a picture about it. It is not browser specific.

It is strange itself, but the real problem comes when I try to validate a form with CSRF token. Unfortunately, Flask picks a wrong session cookie and the validation of the CSRF token cannot be successful. And even more strangely the problem persists even after multiple form submits. The only solution is deleting the cookies which is not an option for an average user.

Are there any options to prevent Flask to create cookies with the same name? Or at least is there an option for get all cookie names from my application? In this case at least I would able to delete session cookies with the same name.


回答1:


Without code, it is hard to tell where Flask generates multiple cookies with the same name, but it is possible that you let the cookie live to long, please see Flask: How to remove cookies? to deal with this issue.

If I understand you correctly, another main issue is [comment by me]:

Flask picks a wrong session cookie [of multiple ones with the same name]

Picking the wrong cookie from multiple ones with the same name is not Flask-specific, but rather about the logic used by client/ browser, see e.g. How to handle multiple cookies with the same name?



来源:https://stackoverflow.com/questions/61572178/flask-multiple-session-cookies-with-the-same-name

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!