diff --git a/sanic/cookies.py b/sanic/cookies.py
index ed672fba..5387fcc5 100644
--- a/sanic/cookies.py
+++ b/sanic/cookies.py
@@ -109,7 +109,7 @@ class Cookie(dict):
 if value is not False:
 if key.lower() == "max-age":
 if not str(value).isdigit():
- value = DEFAULT_MAX_AGE
+ raise ValueError("Cookie max-age must be an integer")
 elif key.lower() == "expires":
 if not isinstance(value, datetime):
 raise TypeError(
diff --git a/tests/test_cookies.py b/tests/test_cookies.py
index 1c29c551..22ce9387 100644
--- a/tests/test_cookies.py
+++ b/tests/test_cookies.py
@@ -162,7 +162,7 @@ def test_cookie_set_same_key(app):
 assert response.cookies["test"] == "pass"
 
 
-@pytest.mark.parametrize("max_age", ["0", 30, 30.0, 30.1, "30", "test"])
+@pytest.mark.parametrize("max_age", ["0", 30, "30"])
 def test_cookie_max_age(app, max_age):
 cookies = {"test": "wait"}
 
@@ -204,6 +204,23 @@ def test_cookie_max_age(app, max_age):
 assert cookie is None
 
 
+@pytest.mark.parametrize("max_age", [30.0, 30.1, "test"])
+def test_cookie_bad_max_age(app, max_age):
+ cookies = {"test": "wait"}
+
+ @app.get("/")
+ def handler(request):
+ response = text("pass")
+ response.cookies["test"] = "pass"
+ response.cookies["test"]["max-age"] = max_age
+ return response
+
+ request, response = app.test_client.get(
+ "/", cookies=cookies, raw_cookies=True
+ )
+ assert response.status == 500
+
+
 @pytest.mark.parametrize(
 "expires", [datetime.utcnow() + timedelta(seconds=60)]
 )
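Review bot: In the sanic/cookies.py hunk, the guard in front of the new `raise ValueError` is still `str(value).isdigit()`, which is true for non-ASCII digit characters (superscripts, numerals from other scripts) and false for every negative number, so it does not test "is an integer" as the message claims. A value that passes without being plain ASCII digits would presumably reach the Set-Cookie header as given, and a user agent that cannot parse Max-Age ignores the attribute, leaving the cookie with a lifetime the application did not intend. Consider tightening the check to `if not (str(value).isascii() and str(value).isdigit()):` (Python 3.7+) with a comment such as `# Max-Age must be plain ASCII digits; fail loudly instead of guessing a lifetime`. The enclosing method starts and ends outside the hunk, so how the value is serialized later is not visible here.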
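Review bot: test_cookie_bad_max_age in tests/test_cookies.py asserts only `response.status == 500`, which any unhandled exception in the handler would satisfy, so it neither pins the new ValueError nor shows that no cookie left the server. Adding `assert "test" not in response.cookies` after the status check, and a direct assignment on the cookie object under `pytest.raises(ValueError)`, would tie the test to the behaviour the commit introduces. The parameter list `[30.0, 30.1, "test"]` also omits negative numbers, booleans and non-ASCII digit strings, which are the inputs where the `isdigit()` guard behaves least obviously. A one-line docstring such as `"""An invalid max-age must fail the request rather than fall back to a default lifetime."""` would record why a 500 is the expected outcome.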