From: Steve F. <sf...@ih...> - 2002-06-12 07:09:46
|
Hiya, I'm subclassing SecurePage. Page 1 gives the user a form, then spits it to an action in Page 2. Both pages inherit directly from the same SecurePage. I'm using OneShot.cgi. The problem is that sometimes, when going from Page 1 to Page 2, I get a login request, even though I'm logged in to Page 1. (No, I didn't let the machine sit idle for half an hour before posting the form.) This is often despite the fact that I just reloaded Page 1, and it didn't ask me for credentials then. I've wondered if this is similar to the dreaded Mac IE5 cookie problem. But every time I look in my cookies, there's a nice little _SID_ cookie looking quite yummy. I've noticed that it often seems to happen when I get some kind of new error I've never gotten before (!), as if the session hasn't got the permissions to get me to the standard WebKit traceback page. But I've had it happen in normal function as well. Also, a troublesome bit is that the contents of the post is lost by going through the login page, so when I go through to Page 2, it gets zilch and the user has to start from scratch. Guess I have to write a method which fetches all fields and inserts them in the LoginPage.py HTML as hidden fields? If so, this oughta be standard where session expiration is concerned, so I'll write it and submit it if anyone thinks that's a good idea. Anyway, I've thus far seen this behavior under Konqueror and Mozilla on Linux. I haven't tried any proprietary, closed-source, restrictively-licensed, liberty-reducing browsers yet. :-) Any ideas? Steve |
From: Steve F. <sf...@ih...> - 2002-06-12 07:18:11
|
Just a quick followup. I noticed it did it again, this time when an exception was thrown inside a try-catch block in Page 2. If it matters, the exception was smtplib.SMTPRecipientsRefused. So instead of logging in, I hit the Back button, which brought me back to Page 1. Then I hit Reload, and it demanded a login. So, at the very least, something about exceptions is invalidating my session, I believe. In fact, I remember increased frequency of this behavior when I was writing exception handling for code using the MySQLdb module. Steve |