[Catalyst] Session collisions

Christopher H. Laco claco at chrislaco.com
Fri Jul 11 16:08:23 BST 2008


Ash Berlin wrote:
> =

> On 11 Jul 2008, at 15:47, Jim Spath wrote:
> =

>> We've gotten some reports in one of our Catalyst applications that =

>> users are "swapping places".  ie, they are suddenly logged in as =

>> another user, or someone has accessed their account.  I've done some =

>> quick looking and don't see anything unusual.
>>
>> I was wondering if it could possibly be session key collisions?  Have =

>> any of you experienced this?
> =

> =

> Yes, I've had similar reports from IE users. Let me work out what I =

> changed..... Ah yes - it was an over zealous proxy sitting in the middle.
> =

> sub end : ActionClass('RenderView') {
>     my ($self, $c) =3D @_;
> =

>     $c->res->header(Pragma =3D> 'no-cahce');
>     $c->res->header('Cache-Control' =3D> "no-cache, must-revalidate");
> }

s/no-cahce/no-cache/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
Url : http://lists.scsys.co.uk/pipermail/catalyst/attachments/20080711/8896=
abac/signature.pgp


More information about the Catalyst mailing list