[Cgi-session-user] unexpect conduct after session expire
Brought to you by:
sherzodr
Menu
▾
▴
[Cgi-session-user] unexpect conduct after session expire
|
From: thomas p. <th...@po...> - 2006-03-10 22:05:04
|
Hello,
at the moment I try to understand CGI::Session, if an session expire.
I wrote follow small test programm:
-- snip --
1 #!/usr/bin/perl -wT
2
3 use strict;
4 use CGI::Carp qw(fatalsToBrowser);
5 use CGI::Session;
6
7 my $session = new CGI::Session;
8 $session->expire('10s');
9 # output to the browser
10 print $session->header();
11 my $tmp_01=$session->dump();
12 $tmp_01=~s/\n/<br>/g;
print"
<html>
<head>
</head>
<body>
<p>".$session->header()."</p>
<p>$tmp_01</p>
</body>
</html>";
-- snap --
The Session with the ID 4b3a040a3c034455c148e3edcb7ced05 is expire, so
line 7 create a new ID (b0e5c89d4ea867511a6c5752f53238f4) and send it to
the client, see first run.
Some seconds later I recall the test programm and I expect, that the new
ID b0e5c89d4ea867511a6c5752f53238f4 is valid, line 7 should find valid
data, but the programm send a new ID fcb5d86e2aa89782fb6258f34020496b,
see second run.
Some second later I recall the programm again and I get the expected new
ID from the second run, fcb5d86e2aa89782fb6258f34020496b, line 7 found a
valid session and load the data, see third run.
Some second later I recall the programm again and I get again the ID
fcb5d86e2aa89782fb6258f34020496b, that is what I expect, see 4th run.
I don't understand, why CGI::Session don't find the valid session with
the ID b0e5c89d4ea867511a6c5752f53238f4 from the first run. CGI::Session
create a file on disk,
I try this programm with firefox 1.5 and IE 6, everytime with the same
result. Have anybody a hint for me for this results or is there a
mistake in my test programm? At the moment I must send twice data to the
server to get a valid session.
btw: I is possible to set a parameter, that a ID only is sent, if there
a SSL connection?
my first run:
-- snip --
Set-Cookie: CGISESSID=b0e5c89d4ea867511a6c5752f53238f4; path=/;
expires=Thu, 09-Mar-2006 21:37:23 GMT Date: Fri, 10 Mar 2006 21:37:23
GMT Content-Type: text/html; charset=ISO-8859-1
$CGI::Session = bless( {
'_STATUS' => 11,
'_OBJECTS' => {
'serializer' => 'CGI::Session::Serialize::default',
'id' => 'CGI::Session::ID::md5',
'driver' => bless( {
'Directory' => '/tmp',
'NoFlock' => 0
}, 'CGI::Session::Driver::file' )
},
'_CLAIMED_ID' => '4b3a040a3c034455c148e3edcb7ced05',
'_DATA' => {
'_SESSION_ETIME' => 10,
'_SESSION_ID' => 'b0e5c89d4ea867511a6c5752f53238f4',
'_SESSION_ATIME' => 1142026643,
'_SESSION_CTIME' => 1142026643
},
'_QUERY' => bless( {
'.parameters' => [],
'.charset' => 'ISO-8859-1',
'.cookies' => {
'CGISESSID' => bless( {
'value' => [
'4b3a040a3c034455c148e3edcb7ced05'
],
'name' => 'CGISESSID',
'path' => '/'
}, 'CGI::Cookie' )
},
'.fieldnames' => {},
'.header_printed' => 1,
'escape' => 1
}, 'CGI' ),
'_DRIVER_ARGS' => bless( {
'Directory' => '/tmp',
'NoFlock' => 0
}, 'CGI::Session::Driver::file' ),
'_DSN' => {
'serializer' => 'default',
'id' => 'md5',
'driver' => 'file'
}
}, 'CGI::Session' );
-- snap --
some seconds later the second run:
-- snip --
Set-Cookie: CGISESSID=fcb5d86e2aa89782fb6258f34020496b; path=/;
expires=10s Date: Fri, 10 Mar 2006 21:37:29 GMT Content-Type: text/html;
charset=ISO-8859-1
$CGI::Session = bless( {
'_STATUS' => 3,
'_OBJECTS' => {
'id' => 'CGI::Session::ID::md5'
},
'_CLAIMED_ID' => undef,
'_DATA' => {
'_SESSION_ETIME' => 10,
'_SESSION_ID' => 'fcb5d86e2aa89782fb6258f34020496b',
'_SESSION_ATIME' => 1142026649,
'_SESSION_REMOTE_ADDR' => '84.188.192.93',
'_SESSION_CTIME' => 1142026649
},
'_QUERY' => bless( {
'.parameters' => [],
'.charset' => 'ISO-8859-1',
'.cookies' => undef,
'.fieldnames' => {},
'.header_printed' => 1,
'escape' => 1
}, 'CGI' ),
'_DRIVER_ARGS' => {},
'_DSN' => {
'serializer' => 'default',
'id' => 'md5',
'driver' => 'file'
}
}, 'CGI::Session' );
-- snap --
some seconds later the third run:
-- snip --
Set-Cookie: CGISESSID=fcb5d86e2aa89782fb6258f34020496b; path=/;
expires=10s Date: Fri, 10 Mar 2006 21:37:35 GMT Content-Type: text/html;
charset=ISO-8859-1
$CGI::Session = bless( {
'_STATUS' => 2,
'_OBJECTS' => {
'serializer' => 'CGI::Session::Serialize::default',
'driver' => bless( {
'Directory' => '/tmp',
'NoFlock' => 0
}, 'CGI::Session::Driver::file' )
},
'_CLAIMED_ID' => 'fcb5d86e2aa89782fb6258f34020496b',
'_DATA' => {
'_SESSION_ID' => 'fcb5d86e2aa89782fb6258f34020496b',
'_SESSION_ETIME' => 10,
'_SESSION_ATIME' => 1142026655,
'_SESSION_EXPIRE_LIST' => {},
'_SESSION_REMOTE_ADDR' => '84.188.192.93',
'_SESSION_CTIME' => 1142026649
},
'_QUERY' => bless( {
'.parameters' => [],
'.charset' => 'ISO-8859-1',
'.cookies' => {
'CGISESSID' => bless( {
'value' => [
'fcb5d86e2aa89782fb6258f34020496b'
],
'name' => 'CGISESSID',
'path' => '/'
}, 'CGI::Cookie' )
},
'.fieldnames' => {},
'.header_printed' => 1,
'escape' => 1
}, 'CGI' ),
'_DRIVER_ARGS' => bless( {
'Directory' => '/tmp',
'NoFlock' => 0
}, 'CGI::Session::Driver::file' ),
'_DSN' => {
'serializer' => 'default',
'id' => 'md5',
'driver' => 'file'
}
}, 'CGI::Session' );
-- snap --
some seconds later the 4th run:
-- snip --
Set-Cookie: CGISESSID=fcb5d86e2aa89782fb6258f34020496b; path=/;
expires=10s Date: Fri, 10 Mar 2006 21:37:40 GMT Content-Type: text/html;
charset=ISO-8859-1
$CGI::Session = bless( {
'_STATUS' => 2,
'_OBJECTS' => {
'serializer' => 'CGI::Session::Serialize::default',
'driver' => bless( {
'Directory' => '/tmp',
'NoFlock' => 0
}, 'CGI::Session::Driver::file' )
},
'_CLAIMED_ID' => 'fcb5d86e2aa89782fb6258f34020496b',
'_DATA' => {
'_SESSION_ETIME' => 10,
'_SESSION_ID' => 'fcb5d86e2aa89782fb6258f34020496b',
'_SESSION_ATIME' => 1142026660,
'_SESSION_REMOTE_ADDR' => '84.188.192.93',
'_SESSION_EXPIRE_LIST' => {},
'_SESSION_CTIME' => 1142026649
},
'_QUERY' => bless( {
'.parameters' => [],
'.charset' => 'ISO-8859-1',
'.cookies' => {
'CGISESSID' => bless( {
'value' => [
'fcb5d86e2aa89782fb6258f34020496b'
],
'name' => 'CGISESSID',
'path' => '/'
}, 'CGI::Cookie' )
},
'.fieldnames' => {},
'.header_printed' => 1,
'escape' => 1
}, 'CGI' ),
'_DRIVER_ARGS' => bless( {
'Directory' => '/tmp',
'NoFlock' => 0
}, 'CGI::Session::Driver::file' ),
'_DSN' => {
'serializer' => 'default',
'id' => 'md5',
'driver' => 'file'
}
}, 'CGI::Session' );
-- snap --
best regards,
thomas polnik.
|
