FAQ
Hiya

There have been some fairly major changes to the way that the session
code is structured recently.

This work, by Sergio Salvi, changes where the session plugin hooks
into the request cycle to remove a race condition, and changes the
storage of the flash to be within the normal session data.

I'm reasonably sure that it's all working as expected, but I want to
get as much testing as possible before pushing up a release which
will install by default for people to reduce the possibility of it
causing issues for anybody.

To that end, I've pushed a dev release up to CPAN:

http://search.cpan.org/CPAN/authors/id/B/BO/BOBTFISH/Catalyst-Plugin-
Session-0.19_01.tar.gz

I'm going to perform some smoke testing of the other session store
and credential plugins, but we also need some real testing on
people's real applications.

Therefore, please please please download and test this dev release
with _your_ applications, and let us know if it works as expected in
your environment.

Thanks in advance
t0m

Search Discussions

  • Bill Moseley at Jan 12, 2009 at 7:41 pm

    On Mon, Jan 12, 2009 at 05:30:08AM +0000, Tomas Doran wrote:
    I'm reasonably sure that it's all working as expected, but I want to get
    as much testing as possible before pushing up a release which will
    install by default for people to reduce the possibility of it causing
    issues for anybody.
    Might consider creating a md5 signature when calling
    initialize_session_data. We use that to prevent writing to the
    session store when not needed (i.e. empty sessions).

    --
    Bill Moseley
    moseley@hank.org
    Sent from my iMutt
  • Tomas Doran at Jan 13, 2009 at 1:34 am

    On 12 Jan 2009, at 19:41, Bill Moseley wrote:
    On Mon, Jan 12, 2009 at 05:30:08AM +0000, Tomas Doran wrote:

    I'm reasonably sure that it's all working as expected, but I want
    to get
    as much testing as possible before pushing up a release which will
    install by default for people to reduce the possibility of it causing
    issues for anybody.
    Might consider creating a md5 signature when calling
    initialize_session_data. We use that to prevent writing to the
    session store when not needed (i.e. empty sessions).
    That would be an additional feature, right?

    I'm all for this (patches welcome, feel free to have a commit bit and
    a branch etc), but I'm afraid the only job _I'm_ currently
    volunteering for is the yak-shaving exercise of making releases,
    asking people to test them out, and doing some smoke testing.

    Cheers
    t0m
  • Bill Moseley at Jan 13, 2009 at 3:50 am

    On Tue, Jan 13, 2009 at 01:34:11AM +0000, Tomas Doran wrote:
    On 12 Jan 2009, at 19:41, Bill Moseley wrote:
    On Mon, Jan 12, 2009 at 05:30:08AM +0000, Tomas Doran wrote:

    I'm reasonably sure that it's all working as expected, but I want to
    get
    as much testing as possible before pushing up a release which will
    install by default for people to reduce the possibility of it causing
    issues for anybody.
    Might consider creating a md5 signature when calling
    initialize_session_data. We use that to prevent writing to the
    session store when not needed (i.e. empty sessions).
    That would be an additional feature, right?
    I would not call it a new feature. When the session is fetched a
    signature is created. When it's time to write the session the
    signature is checked to see if the session changed. If it has not
    changed then don't write it to the store.

    IMO, what is lacking is if no session exists a new session is created.
    But, at the end of the request there's no signature so the session is
    automatically written to the store -- even if the application didn't
    put anything into the session.

    The signature is to tell if the session changed during the request.
    But with new sessions that signature is missing. So, I don't think
    it's a feature as much as an incomplete implementation.
    I'm all for this (patches welcome, feel free to have a commit bit and a
    branch etc), but I'm afraid the only job _I'm_ currently volunteering for
    is the yak-shaving exercise of making releases, asking people to test
    them out, and doing some smoke testing.
    I do appreciate that -- and it's much more than I seem to be able to
    find time for. I just thought I'd mention the issue if Sergio Salvi
    was still actively working on the module.

    Cheers
    t0m


    _______________________________________________
    List: Catalyst@lists.scsys.co.uk
    Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
    Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
    Dev site: http://dev.catalyst.perl.org/
    --
    Bill Moseley
    moseley@hank.org
    Sent from my iMutt

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupcatalyst @
categoriescatalyst, perl
postedJan 12, '09 at 5:30a
activeJan 13, '09 at 3:50a
posts4
users2
websitecatalystframework.org
irc#catalyst

2 users in discussion

Bill Moseley: 2 posts Tomas Doran: 2 posts

People

Translate

site design / logo © 2021 Grokbase