Refs #33562 -- Made HttpResponse.set_cookie() raise ValueError when both "expires" and "max_age" are passed.

This fixes the case where you might pass set_cookie(expires=val, max_age=val) and max_age is silently ignored.
2025-10-31 09:41:08 +00:00 · 2022-03-04 13:05:07 +00:00
parent ae2da5ba65
commit f3bf6c4218
2 changed files with 10 additions and 0 deletions
--- a/tests/responses/test_cookie.py
+++ b/tests/responses/test_cookie.py
@@ -76,6 +76,14 @@ class SetCookieTests(SimpleTestCase):
        response.set_cookie("max_age", max_age=timedelta(hours=1))
        self.assertEqual(response.cookies["max_age"]["max-age"], 3600)

+    def test_max_age_with_expires(self):
+        response = HttpResponse()
+        msg = "'expires' and 'max_age' can't be used together."
+        with self.assertRaisesMessage(ValueError, msg):
+            response.set_cookie(
+                "max_age", expires=datetime(2000, 1, 1), max_age=timedelta(hours=1)
+            )
+
    def test_httponly_cookie(self):
        response = HttpResponse()
        response.set_cookie("example", httponly=True)