[Catalyst] Session collisions
Christopher H. Laco
claco at chrislaco.com
Fri Jul 11 16:08:23 BST 2008
Ash Berlin wrote:
> =
> On 11 Jul 2008, at 15:47, Jim Spath wrote:
> =
>> We've gotten some reports in one of our Catalyst applications that =
>> users are "swapping places". ie, they are suddenly logged in as =
>> another user, or someone has accessed their account. I've done some =
>> quick looking and don't see anything unusual.
>>
>> I was wondering if it could possibly be session key collisions? Have =
>> any of you experienced this?
> =
> =
> Yes, I've had similar reports from IE users. Let me work out what I =
> changed..... Ah yes - it was an over zealous proxy sitting in the middle.
> =
> sub end : ActionClass('RenderView') {
> my ($self, $c) =3D @_;
> =
> $c->res->header(Pragma =3D> 'no-cahce');
> $c->res->header('Cache-Control' =3D> "no-cache, must-revalidate");
> }
s/no-cahce/no-cache/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
Url : http://lists.scsys.co.uk/pipermail/catalyst/attachments/20080711/8896=
abac/signature.pgp
More information about the Catalyst
mailing list