I have 'heard' that in some browsers there is a bug using HTTP/1.1 when they use Keep-Alive. As they don't necessarily create another explicit tcp connection for a request (but rather try to keep the connection alive), they 'forget' to send the Cookie headers for subsequent requests in the same connection. It might not be the problem, but its worth checking what headers each request (and each connection) is getting/sending...
-----Original Message----- From: Robert Landrum [mailto:[EMAIL PROTECTED]] Sent: Thursday, 6 December 2001 10:29 AM To: Michael A Nachbaur; [EMAIL PROTECTED] Subject: Re: Apache::Session and frames At 3:06 PM -0800 12/5/01, Michael A Nachbaur wrote: >I have been beating my head against this problem for days, to no >avail. I have tried google searches, etc., still no dice. So, I >apologize for the noise people. > >I'm using Apache::Session and cookies to perform session management. >In watching the debug messages in my error_log, I can see that the >cookie is created, the session is created, and all subsequent calls >correctly loads the session. However, part of the design for my web >application requires the use of frames, with several frames >containing mod_perl generated data. Each one of those frames relies >on using the session. I wouldn't think this would be a problem, >except that some of the frames cannot tie to the datastore, and as a >result create new sessions. > >I would think the default behavior would block until the session is >unlocked, but this doesn't seem to be the case. I was first using >Apache::Session::Flex (For easier configuration), but have also >tried Apache::Session::MySQL, ::DB_File and ::File, all exhibit the >same problem. > >This site is developed using AxKit and AxKit::XSP::Session, but the >sessions are created before AxKit is even invoked so that isn't the >issue. > >Any suggestions? I'd like to resolve this without loosing my hair. :) Cookies set in a parent frame are not immediatly accessable to a child frames. It's a fun little bug that requires a full frame reload to be detected. Another thing to watch out for are the cookie paths. I've never used Apache::Session, so I don't know what path is set for the cookies, but if the pages loading in the child frames have non matching urls, then the session cookies aren't going to come through. Good Luck, Rob -- "Only two things are infinite: The universe, and human stupidity. And I'm not sure about the former." --Albert Einstein
