I have an issue with IE7 not wanting to pass a pickled object through an ajax call using HTMLTMPL. It works in IE8 (and in compatibility mode) as well as in Firefox.

I have pickled an object using the command:

newhash['pickled'] = pickle.dumps(hash)

Because JS didn't like the newlines, I regex them out using:

newhash['pickled'] = re.sub('\n', 'LINEBREAK', newhash['pickled'])

When I catch my pickled object in Python, it takes out LINEBREAK and puts back in \n. My ajax call looks like this:

$.getJSON('/folder/MyPython.py', {'mode':'MyFunction', 'pickled':"<TMPL_VAR pickled ESCAPE="NONE">"}, function(data){

I alert right before it and right after it and everything works as expected. If I alert in the function(data) section, nothing gets alerted. However, if I take out the 'pickled' key in the ajax call, everything works fine. The pickled object is all the variables needed for my Python to do calculations, so simply not passing it is not an option.

My pickled object looks like this:

(dp0LINEBREAKS'rlbool'LINEBREAKp1LINEBREAKL1LLINEBREAKsS'class7'LINEBREAKp2LINEBREAKS'50'LINEBREAKp3LINEBREAKsS'fedxbool'LINEBREAKp4LINEBREAKL1LLINEBREAKsS'weight1'LINEBREAKp5LINEBREAKS'1500'LINEBREAKp6LINEBREAKsS'conwaybool'LINEBREAKp7LINEBREAKL1LLINEBREAKsS'originzip'LINEBREAKp8LINEBREAKS'37130'LINEBREAKp9LINEBREAKsS'company'LINEBREAKp10LINEBREAKS''LINEBREAKp11LINEBREAKsS'destinationzip'LINEBREAKp12LINEBREAKS'37130'LINEBREAKp13LINEBREAKsS'class6'LINEBREAKp14LINEBREAKS'50'LINEBREAKp15LINEBREAKsS'mode'LINEBREAKp16LINEBREAKS'Crawl'LINEBREAKp17LINEBREAKsS'averitlogin'LINEBREAKp18LINEBREAKS'QVSINC'LINEBREAKp19LINEBREAKsS'accessories'LINEBREAKp20LINEBREAK(lp21LINEBREAKsS'address'LINEBREAKp22LINEBREAKS'330%20Robert%20Rose%20Blvd.'LINEBREAKp23LINEBREAKsS'active'LINEBREAKp24LINEBREAKL1LLINEBREAKsS'averittbool'LINEBREAKp25LINEBREAKL1LLINEBREAKsS'id'LINEBREAKp26LINEBREAKL19LLINEBREAKsS'averitpass'LINEBREAKp27LINEBREAKS'MERIDIAN'LINEBREAKp28LINEBREAKsS'shipmentdate'LINEBREAKp29LINEBREAKS'2010-10-08'LINEBREAKp30LINEBREAKsS'city'LINEBREAKp31LINEBREAKS'Murfreesboro'LINEBREAKp32LINEBREAKsS'class5'LINEBREAKp33LINEBREAKS'50'LINEBREAKp34LINEBREAKsS'last'LINEBREAKp35LINEBREAKS'Morgan'LINEBREAKp36LINEBREAKsS'originstate'LINEBREAKp37LINEBREAKS'TN'LINEBREAKp38LINEBREAKsS'zip'LINEBREAKp39LINEBREAKS'37129'LINEBREAKp40LINEBREAKsS'phone'LINEBREAKp41LINEBREAKS'615%20713-5432'LINEBREAKp42LINEBREAKsS'destinationstate'LINEBREAKp43LINEBREAKS'TN'LINEBREAKp44LINEBREAKsS'Accessories'LINEBREAKp45LINEBREAK(lp46LINEBREAKsS'comments'LINEBREAKp47LINEBREAKg11LINEBREAKsS'estesbool'LINEBREAKp48LINEBREAKL1LLINEBREAKsS'origincity'LINEBREAKp49LINEBREAKS'Murfreesboro'LINEBREAKp50LINEBREAKsS'class8'LINEBREAKp51LINEBREAKS'50'LINEBREAKp52LINEBREAKsS'state'LINEBREAKp53LINEBREAKS'TN'LINEBREAKp54LINEBREAKsS'email'LINEBREAKp55LINEBREAKS'chris2'LINEBREAKp56LINEBREAKsS'vitranbool'LINEBREAKp57LINEBREAKL1LLINEBREAKsS'saiabool'LINEBREAKp58LINEBREAKL1LLINEBREAKsS'destinationcity'LINEBREAKp59LINEBREAKS'Murfreesboro'LINEBREA
Kp60LINEBREAKsS'class3'LINEBREAKp61LINEBREAKS'50'LINEBREAKp62LINEBREAKsS'class4'LINEBREAKp63LINEBREAKS'50'LINEBREAKp64LINEBREAKsS'class1'LINEBREAKp65LINEBREAKS'50'LINEBREAKp66LINEBREAKsS'class2'LINEBREAKp67LINEBREAKS'50'LINEBREAKp68LINEBREAKsS'address2'LINEBREAKp69LINEBREAKg11LINEBREAKsS'first'LINEBREAKp70LINEBREAKS'Chris'LINEBREAKp71LINEBREAKs.

I can only assume that there is some character in here that IE7 has a problem with.

Thanks in advance for all the help.

A: 

This means that the pickled data could be changed on the user's side? Would be a high security risk.

leoluk
In most cases I would agree with you. However, our situation is a bit different. The pickled data never changes anything in our system. The data is stuff they put in a form on the page previous to this one. That data is put into web crawlers and sent to other sites to get results. It could only hurt the user to change this data. It is no security risk to us or the sites we're crawling.
thejew
@thejew: As soon as you unpickle it, it could do harm. See the link in my answer. And since Python is only running on the server, it's a security risk for your server, not for the user.
AndiDog
I read the link and I definitely agree. I should switch over to JSON.
thejew
+3  A: 

First, read Why Python Pickle is Insecure. Don't use pickled objects that could be modified by users.

Instead, why not simply use JSON, which is obviously made for JavaScript? It is included in Python >= 2.6 and also available for older versions. As your data is just a dictionary, JSON should work just fine.

Another option would be base-64 encoding, which shouldn't get you into trouble with special characters.

AndiDog
Technically, the issue I was having was because of URL length in IE7. However, I definitely should have just used JSON to begin with.
thejew
@thejew: Nice to know, hadn't seen that. For objects that can grow large, you should use POST parameters because URL lengths are often limited by the client/browser.
AndiDog
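An added example, not code from this thread: it shows why unpickling a client-supplied field is a server-side risk (the loader calls whatever callable the bytes name, here a harmless `sorted`) beside a JSON-based handler for the same form dictionary. The sample values, the `ALLOWED` schema, the `MAX_CHARS` cap and the function names are assumptions made for this sketch.

```python
import json
import pickle

# Constructed sample of the kind of form data in the question (values made up).
FORM = {"mode": "Crawl", "originzip": "37130", "destinationzip": "37130",
        "weight1": "1500", "class1": "50", "active": 1}

# Assumed schema for this sketch: field name -> accepted type.
ALLOWED = {"mode": str, "originzip": str, "destinationzip": str,
           "weight1": str, "class1": str, "active": int}
MAX_CHARS = 4096  # assumed cap on the request field


class CallsOnLoad:
    """Benign stand-in: its pickle names a callable for the loader to invoke."""
    def __reduce__(self):
        return (sorted, ([3, 1, 2],))


def load_form(raw):
    """Parse the request field as JSON and accept only known keys and types."""
    if len(raw) > MAX_CHARS:
        raise ValueError("field too large")
    data = json.loads(raw)  # yields only dict/list/str/number/bool/None
    if not isinstance(data, dict):
        raise ValueError("expected a JSON object")
    for key, value in data.items():
        if key not in ALLOWED or not isinstance(value, ALLOWED[key]):
            raise ValueError("unexpected field: %r" % (key,))
    return data


def demo():
    # pickle.loads ran sorted() because the bytes said so; no dict comes back.
    unpickled = pickle.loads(pickle.dumps(CallsOnLoad()))
    # JSON round trip: no newlines to patch out, nothing is called on load.
    wire = json.dumps(FORM)
    return unpickled, wire, load_form(wire)


if __name__ == "__main__":
    print(demo())
```

Sending the JSON string as a POST parameter, as suggested in the comment above, also keeps it out of the URL length limit.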
A: 

The answer was URL length. The max request URL length is 2083 and I was going over it. Fixed!

thejew