[Jifty-commit] r4553 - in jifty/trunk: lib/Jifty lib/Jifty/View/Declare lib/Jifty/View/Mason

jifty-commit at lists.jifty.org jifty-commit at lists.jifty.org
Wed Nov 28 16:40:26 EST 2007 

Author: sartak
Date: Wed Nov 28 16:40:25 2007
New Revision: 4553

Modified:
   jifty/trunk/   (props changed)
   jifty/trunk/lib/Jifty/Handler.pm
   jifty/trunk/lib/Jifty/View/Declare/Handler.pm
   jifty/trunk/lib/Jifty/View/Mason/Handler.pm
   jifty/trunk/lib/Jifty/Web.pm

Log:
 r45710 at onn:  sartak | 2007-11-28 16:40:03 -0500
 Don't send cookies for static files. We suspect that doing so was screwing up non-compliant proxies that were caching the cookie and causing.. "amusing" security problems


Modified: jifty/trunk/lib/Jifty/Handler.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Handler.pm	(original)
+++ jifty/trunk/lib/Jifty/Handler.pm	Wed Nov 28 16:40:25 2007
@@ -225,7 +225,6 @@
 
         # Return from the continuation if need be
         Jifty->web->request->return_from_continuation;
-        Jifty->web->session->set_cookie;
         $self->dispatcher->handle_request();
         $self->cleanup_request();
     }

Modified: jifty/trunk/lib/Jifty/View/Declare/Handler.pm
==============================================================================
--- jifty/trunk/lib/Jifty/View/Declare/Handler.pm	(original)
+++ jifty/trunk/lib/Jifty/View/Declare/Handler.pm	Wed Nov 28 16:40:25 2007
@@ -81,6 +81,7 @@
     my $r = Jifty->handler->apache;
     $r->content_type || $r->content_type('text/html; charset=utf-8'); # Set up a default
     unless ( Jifty->handler->apache->http_header_sent || Jifty->web->request->is_subrequest ) {
+        Jifty->web->session->set_cookie;
         Jifty->handler->apache->send_http_header;
     }
 

Modified: jifty/trunk/lib/Jifty/View/Mason/Handler.pm
==============================================================================
--- jifty/trunk/lib/Jifty/View/Mason/Handler.pm	(original)
+++ jifty/trunk/lib/Jifty/View/Mason/Handler.pm	Wed Nov 28 16:40:25 2007
@@ -186,6 +186,8 @@
 sub handle_comp {
     my ($self, $comp, $args) = @_;
 
+    Jifty->web->session->set_cookie;
+
     # Set up the global
     my $r = Jifty->handler->apache;
     $self->interp->set_global('$r', $r);

Modified: jifty/trunk/lib/Jifty/Web.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Web.pm	(original)
+++ jifty/trunk/lib/Jifty/Web.pm	Wed Nov 28 16:40:25 2007
@@ -784,6 +784,10 @@
     # Headers..
     $apache->header_out( Location => $page );
     $apache->header_out( Status => 302 );
+
+    # cookie has to be sent or returning from continuations breaks
+    Jifty->web->session->set_cookie;
+
     $apache->send_http_header();
 
     # Mason abort, or dispatcher abort out of here

More information about the Jifty-commit mailing list