[Catalyst] Invalid session ids being generated

Daniel Westermann-Clark dwc at pobox.com
Thu May 8 19:59:49 BST 2008


On 2008-05-07 17:38:12 -0500, Ryan Pack wrote:
> My Catalyst app is using Session::State::Cookie,
> Session::State::URI, and Session::Store::DBIC.  We recently started
> using the param option in Session::State::URI.  We were tacking the
> session id onto the base URL but now it is being included as a
> parameter.  Anyways, when you first make a request, a cookie is set
> with a valid session_id but uri_for returns the url with a totally
> different session id which doesn't even exist in the database.

Please send the output of a full request cycle using the debug flag.
For example, with the built-in server:

DBIC_TRACE=1 ./script/*server.pl -r -d

I'm not sure that using two Session::State plugins is recommended.  At
the very least, have you set the no_rewrite_if_cookie flag for
Session::State::URI?

-- 
Daniel Westermann-Clark



More information about the Catalyst mailing list