> This is something you would normally do at a cookie managing level, not
> at the session level. I guess you could do it here if CGI::Session has
> an API flexible enough for it.
Fair enough. The only advantage to doing it at the session level in
this case is that CGI::Session tries to be cleve
I'm trying to return an ImageMagick JPG image, directly, and getting "malformed
header from script. Bad header=ÿØÿà: index.cgi.
I dug through the docs, and the CAPTCHA thread where I learned how to set the
-type to image/jpg and how to only process text/html in cgiapp_postrun.
I have also be
On Mon, 2006-01-09 at 17:55 -0500, Michael Graham wrote:
> Ah, right. Hmmm... so maybe the best solution is to add the HMAC
> feature to CGI::Session, somehow. Maybe a new 'hmac' driver type:
>
> my $sess = CGI::Session->new("id:incr;hmac:sha1", $query, {
> HMAC_Secret => 'abc123',
>
Perrin Harkins <[EMAIL PROTECTED]> wrote:
> On Mon, 2006-01-09 at 16:56 -0500, Michael Graham wrote:
>
> > Is this the best/easiest way of guaranteeing unique session ids with
> > CAP::Session?
>
> It's one good way. Others would be a database sequence or the GUID/UUID
> stuff on CPAN, but that's
On Mon, 2006-01-09 at 16:56 -0500, Michael Graham wrote:
> One point to remember is that these form state ids are specific to a
> particular user session. So any potential collision would have to be
> with an existing state for the *same* user.
Oh, I missed that. I was really talking about sessi
Perrin Harkins <[EMAIL PROTECTED]> wrote:
> On Mon, 2006-01-09 at 18:36 +, RA Jones wrote:
> > it got me
> > wondering what the chances of data collision are with this method - ie
> > what chance the key
> > 'form_state_cap_form_state_bf9a49cb6debf1f1dd388d81550fb648' for example
> > would be
On Mon, 2006-01-09 at 18:36 +, RA Jones wrote:
> I have had some communication with Michael (module author) on a related
> theme, and he tells me the module uses the
> CGI::Session::ID::md5->generate_id routine. Because the runmodes rely on
> the information retrieved from the cap_form_state
MD5 collisions are highly unlikely during the general course of play.
However, malicious tampering can lead to the same MD5 being generated
(http://en.wikipedia.org/wiki/MD5).
Regards
Dan Horne
> -Original Message-
> From: RA Jones [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, 10 January 2
Hello group, I'm using CAP::FormState to protect hidden form fields.
Everything appears to work OK, but I notice a large amount of
information build-up in the a_session field of the sessions table (also
using CGI::Session with MySQL for authentication). In particular there
is a large recurrence
Thank you Michael and Brian. The setting of header type to 'none'
allows one to have control on the output handling and does work
as plain simple cgi.
Regards
Richard
On Mon, Jan 09, 2006 at 09:17:11AM -0500, Michael Peters wrote:
>
>
> Richard Chen wrote:
> > Hi,
> >
> > I have a CA app
Richard Chen wrote:
> Hi,
>
> I have a CA app which works in all aspects
> except in one run mode, I would like to directly
> show the output of a relatively slow running process.
> The problem is that CA requires that runmode return
> the final output as a single string. This means the
>
Hi,
I have a CA app which works in all aspects
except in one run mode, I would like to directly
show the output of a relatively slow running process.
The problem is that CA requires that runmode return
the final output as a single string. This means the
client will not be able to see anyth
12 matches
Mail list logo
