1

I have such code:

from flask import Flask, render_template, redirect, request, url_for, session

app = Flask(__name__)


@app.route('/')
def index():
    tmplt = session.get('template', 'No template')
    return render_template('index.html', template=tmplt.decode('utf-8'))


@app.route('/template', methods=['POST'])
def upload_template():
    session['template'] = request.files['template'].read()
    return redirect(url_for('index'))


if __name__ == '__main__':
    app.secret_key = '\x0cw1\xd4\xd5\x80%O?q \xcfQrrk\xa3H\xc0[J\xae<\xc3]\xe6\x10\xc0-\xf8S\x08P4[3]PrK\xa9\xf1'
    app.run(debug=True)

I expect, that after successful execution of POST /template, variable tmplt will be equal to what was upload. However, it is empty. Debugging shows that session['template'] before redirection stores file content, as expected.

Anybody can suggest what's the problem here? Flask docs and googling didn't help :(

Alex Korotkikh
  • 13
  • 1
  • 3

1 Answers1

5

Looking at the sessions implementation, it seems that flask just saves all the session data into the cookie.

And the maximum cookie size, according to this answer, is 4KB. If your file is larger than that then browser can just reject the cookie.

In the any case, storing the file into the session doesn't look like a good idea.

Community
  • 1
  • 1
Borys Serebrov
  • 15,636
  • 2
  • 38
  • 54
  • so simple... Thanks! – Alex Korotkikh Feb 25 '16 at 10:58
  • please how to sole this? – hubert Jan 15 '18 at 06:25
  • @hubert if you have the problem above (the session data is too large to be stored in cookie), then you need to change you code in order to make this data smaller - don't store big things into the cookie or use browser local storage to save user data instead of cookie (or both, like having user identity information in the cookie, so you can identify the user on the server and cache user data into the local storage). – Borys Serebrov Jan 15 '18 at 12:47