enforce integer for max-age cookie

2019-01-03 15:01:54 -08:00
parent 2af229eb1a
commit 7067295e67
2 changed files with 11 additions and 3 deletions
--- a/sanic/cookies.py
+++ b/sanic/cookies.py
@@ -1,6 +1,7 @@
 import re
 import string

+DEFAULT_MAX_AGE = 0

 # ------------------------------------------------------------ #
 #  SimpleCookie
@@ -103,6 +104,9 @@ class Cookie(dict):
        if key not in self._keys:
            raise KeyError("Unknown cookie property")
        if value is not False:
+            if key.lower() == "max-age":
+                if not str(value).isdigit():
+                    value = DEFAULT_MAX_AGE
            return super().__setitem__(key, value)

    def encode(self, encoding):