[albatross-users] Duplicate cookie mystery solved???
Sheila King
sheila at thinkspot.net
Fri Sep 12 15:27:14 EST 2003
OK, I think I have figured out the situation with this duplicate cookie
scenario that I've mentioned more than once on this list.
I am using random modular apps with sessionfile sessions.
I have applied Matt Goodall's patch to specifically set the cookie path.
Here is what is happening...
Let's say the full URL to my app is
http://example.com/cgi-bin/myapp.py
and that the start page is "login"
But being the lazy butt that I am, when I go to my app for the first time,
I don't feel like typing the long version of the URL with the page name
appended. I know that it will automatically redirect me to the proper start
page. So I simply enter this:
http://example.com/cgi-bin/myapp.py
Which sets a cookie with this path:
/cgi-bin/
Albatross now redirects to the start page URL as follows:
http://example.com/cgi-bin/myapp.py/login
which now sets a new cookie with this path:
/cgi-bin/myapp.py/
Thus, two cookies have been set with slightly different paths.
If the app never throws an unhandled exception, no problem.
But if it does, the cookie with the shorter path causes a problem.
I can resolve this situation one of two ways:
I can either delete from my browser the cookie with the shorter path.
Or, else I can type in the original, shorter URL that I had initially
started from, and then be redirected to the full start page URL and things
will proceed normally from there.
It seems to me, that if the original cookie path were not set to that short
version, but were always set to the longer verion ending in
/myapp.py/
that this would resolve the issue.
???
Does this make sense?
--
Sheila King
http://www.thinkspot.net/sheila/
http://www.k12groups.org
More information about the Albatross-users
mailing list