[ic] BUG: mv_no_session and [set-cookie]
emailgrant at gmail.com
Tue Jul 11 11:41:57 EDT 2006
> >> Isn't the problem simply that the browser is doing what it's supposed to
> >> do: ignoring the expired cookie, so you lose your session? Unless I'm
> >> misunderstanding the situation, it sure sounds like the bug was simply
> >> incorrect use of [set-cookie]. Maybe having [set-cookie] throw error
> >> messages into the error log would be helpful to point out problems like
> >> this, though.
> > The cookie I was setting incorrectly was one I use to track some
> > specific stuff on my site. It's not a session cookie and that's
> > handled in the IC core isn't it?
> Cookies are set in outgoing HTTP headers, so they're all done by the core
> ultimately. It sounds like something of the badness from your extra cookie
> may be affecting the session cookie. Can you paste in the exact
> [set-cookie] you were using that broke things?
This should do it:
[set-cookie name="testcookie" value="test" expire="Sunday, 01-Jan-2006
What you're saying makes sense about the extra cookie affecting the
session cookie. The only aspect of this that that doesn't explain (to
me) is the fact that submitting any POST form on the site fixed the
problem even with the bad cookie and mv_no_session. Maybe that was
because the session_id was being submitted in those forms?
More information about the interchange-users