CODEWITHSUNDEEP
pythonherokuflaskwtformsflask-wtforms
setagana
setagana

Reputation: 169

WTForms raises "TypeError: 'unicode' does not have the buffer interface" on Heroku

When I run my app on Heroku and submit a Flask-WTF form, I get the following traceback with the error TypeError: 'unicode' does not have the buffer interface. Running the app locally works. From the traceback it looks like a problem with Flask-WTF verifying the CSRF token. Why am I getting this error and how do I fix it?

Exception on /restaurants/1/menu/add/ [POST]
Traceback (most recent call last):
  File "/app/.heroku/python/lib/python2.7/site-packages/flask/app.py", line 1817, in wsgi_app
    response = self.full_dispatch_request()
  File "/app/.heroku/python/lib/python2.7/site-packages/flask/app.py", line 1477, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/app/.heroku/python/lib/python2.7/site-packages/flask/app.py", line 1381, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/app/.heroku/python/lib/python2.7/site-packages/flask/app.py", line 1475, in full_dispatch_request
    rv = self.dispatch_request()
  File "/app/.heroku/python/lib/python2.7/site-packages/flask/app.py", line 1461, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/app/restaurantApp/views.py", line 95, in newMenuItem
    if form.validate_on_submit():
  File "/app/.heroku/python/lib/python2.7/site-packages/flask_wtf/form.py", line 166, in validate_on_submit
    return self.is_submitted() and self.validate()
  File "/app/.heroku/python/lib/python2.7/site-packages/wtforms/form.py", line 310, in validate
    return super(Form, self).validate(extra)
  File "/app/.heroku/python/lib/python2.7/site-packages/wtforms/form.py", line 152, in validate
    if not field.validate(self, extra):
  File "/app/.heroku/python/lib/python2.7/site-packages/wtforms/fields/core.py", line 204, in validate
    stop_validation = self._run_validation_chain(form, chain)
  File "/app/.heroku/python/lib/python2.7/site-packages/wtforms/fields/core.py", line 224, in _run_validation_chain
    validator(form, self)
  File "/app/.heroku/python/lib/python2.7/site-packages/flask_wtf/form.py", line 109, in validate_csrf_token
    if not validate_csrf(field.data, self.SECRET_KEY, self.TIME_LIMIT):
  File "/app/.heroku/python/lib/python2.7/site-packages/flask_wtf/csrf.py", line 111, in validate_csrf
    return safe_str_cmp(hmac_compare, hmac_csrf)
  File "/app/.heroku/python/lib/python2.7/site-packages/werkzeug/security.py", line 117, in safe_str_cmp
    return _builtin_safe_str_cmp(a, b)
TypeError: 'unicode' does not have the buffer interface

<form method="POST">
    {{ form.hidden_tag() }}
    <input type="submit" value="Add">
</form>

@app.route("/restaurants/<int:restaurant_id>/menu/add/", methods=["GET", "POST"])
def newMenuItem(restaurant_id):
    form = menuItemForm()

    if form.validate_on_submit():
        flash("new item added")
        return redirect(url_for("restaurantMenu"))
    else:
        return render_template("newMenuItem.html", form=form)

Upvotes: 2

Views: 987

Answers (1)

davidism
davidism

Reputation: 127180

You have a very old version of Werkzeug. See this bug report, with a fix released in 2014. Werkzeug was comparing the wrong data in a method Flask-WTF uses for CSRF. Upgrade your version of Werkzueg and record it in your requirements file. The current version today is 0.11.4.

pip install -U Werkzeug

Werkzeug==0.11.4

Given that you were using a very outdated version of Werkzeug, you should make sure your other libraries are up to date as well.

Upvotes: 2

Related Questions