Re: Security: Dancer Session cookie swap

Replies are listed 'Best First'.
Re^2: Security: Dancer Session cookie swap by Anonymous Monk on Nov 13, 2014 at 08:22 UTC
Oh wow, a bit more technical details and interesting claims I experienced this behavior with various session-engines (YAML, memcached and cookies). Please don't bother digging in Session::Cookie. ;) And as mentioned somewhere above it can't be higher, I could isolate the problem to pure Dancer without any middleware. But like always no code for anyone else to run and reproduce the problem ... the patch provided that purportedly works for the OP was ultimately rejected (nuking %ENV is drastic) Its interesting the op tracked down a solution for him, but not a simple test case	[reply]

Replies are listed 'Best First'.

Re^2: Security: Dancer Session cookie swap
by Anonymous Monk on Nov 13, 2014 at 08:22 UTC

I experienced this behavior with various session-engines (YAML, memcached and cookies). Please don't bother digging in Session::Cookie. ;) And as mentioned somewhere above it can't be higher, I could isolate the problem to pure Dancer without any middleware.

But like always no code for anyone else to run and reproduce the problem ... the patch provided that purportedly works for the OP was ultimately rejected (nuking %ENV is drastic)

Its interesting the op tracked down a solution for him, but not a simple test case

[reply]