--- a/Allura/allura/lib/custom_middleware.py
+++ b/Allura/allura/lib/custom_middleware.py
@@ -147,7 +147,9 @@
                 log.warning('CSRF attempt detected, %r != %r', cookie, param)
                 del environ['HTTP_COOKIE']
         def session_start_response(status, headers, exc_info = None):
-            headers.append(('Set-cookie', '%s=%s; Path=/' % (self._cookie_name, cookie)))
+            headers.append(
+                ('Set-cookie',
+                 str('%s=%s; Path=/' % (self._cookie_name, cookie))))
             return start_response(status, headers, exc_info)
         return self._app(environ, session_start_response)