[jira] Closed: (MODPYTHON-86) Multiple session cookies created when ApplicationPath is set to /

Sat, 04 Mar 2006 21:38:02 -0800 

     [ http://issues.apache.org/jira/browse/MODPYTHON-86?page=all ]
     
Graham Dumpleton closed MODPYTHON-86:
-------------------------------------


> Multiple session cookies created when ApplicationPath is set to /
> -----------------------------------------------------------------
>
>          Key: MODPYTHON-86
>          URL: http://issues.apache.org/jira/browse/MODPYTHON-86
>      Project: mod_python
>         Type: Bug
>     Versions: 3.2.7
>  Environment: mod_python-3.2.2b.win32-py2.4.exe
>     Reporter: Jim Gallacher
>     Assignee: Jim Gallacher
>      Fix For: 3.2.7

>
> Originally reported by Villiam Manera on mod_python list.
> """
> Apache configuration --> PythonOption ApplicationPath '/'
> Before the beta there was only a cookie: pysid with path = '/'
> With the beta in place there are many pysid with different path,seems one 
> each module  I call, example:
> Pysyd: e81c661b3c9d11948a3b643c4c031695855e254a61239279086ef1bb8916c10c path:/
> Pysid: 855e254a61239279086ef1bb8916c10c path: /cgi-mpy/cgi_mpy_utentis.py/
> Pysyd: 855e254a61239279086ef1bb8916c10c path: /cgi-mpy/cgi-mpy_menu.py/
> Pysyd: 855e254a61239279086ef1bb8916c10c path: /comm/comm_menu.py/
> Pysyd: 855e254a61239279086ef1bb8916c10c path: /pf/pf_magauto.py/ ......
> """
> Villiam traced the problem to the following code in Session.py
> class BaseSession(dict):
> .........
>         if self._sid:
>             # attempt to load ourselves
>             self.lock()
>             if self.load():
>                 self._new = 0
>                 if not req.headers_out.has_key("Set-Cookie"):
>                     Cookie.add_cookie(self._req, 
> Cookie.Cookie(session_cookie_name, self._sid))
> The last two lines were added to 3.2 to support some new session handling 
> functionality. For various reasons that new functionality has been deferred 
> until 3.3, but the new code was not removed. That should not be a problem, 
> except that it is both buggy and wrong. :-(
> The correct fix for the 3.2.x release is to remove those 2 lines.
>          if self._sid:
>              # attempt to load ourselves
>              self.lock()
>              if self.load():
>                  self._new = 0
>                  #if not cookies.has_key(session_cookie_name):
>                  #   Cookie.add_cookie(self._req, self.make_cookie())

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

Reply via email to