On Wed, 10 Nov 2004 12:04:53 -0500, Michael <suppressed> wrote:
> Problem:
>
> I have upgraded an application to use CGI::Application::Plugin::Apache
> which, if you haven't seen changes you app to use Apache::* modules
> instead of CGI.pm. I also wanted to use the
> CGI::Application::Plugin::Session module as well since it's easy to use
> and clean. But it uses the CGI.pm cookie() method to generate the cookie
> to glean the session id and to create a new cookie for the headers.
>
> Now CAP::Apache does a lot to make sure it can handle headers generated
> like this but the query object (since it's an Apache::Request object)
> doesn't have a cookie() method.
>
> A proposed solution would be to modify CAP::Session to either check the
> type of object that $query is and only use the cookie() method if it's
> CGI.pm, else use CGI::Cookie since that's what CGI uses under the hood
> anyway) or it could even check to see if the $ENV{MOD_PERL} is set and
> if it is, use Apache::Cookie, else use CGI::Cookie.
CAP::Session has a mechanism to handle this situation (although it is
probably not desirable in most situations). It will allow you to
manage the cookie yourself... By passing SEND_COOKIE => 0 to
session_config, CAP::Session will not send the cookie header out, and
leaves cookie management to the developer.
As for handling the Apache problem within CAP::Session, I don't want
to add conditions for ever type of cookie management to the code. I
think that could get messy very quickly. Besides, it is not possible
to automatically detect what the user is using to send the headers.
Even if the $self->query object returns an Apache::Request object, it
is possible (though unlikely) that the user is still using CGI.pm to
send the headers somewhere else in the code.
As for checking for $ENV{MOD_PERL}, I use Apache::Registry for a lot
of my scripts, but still use CGI.pm for parameter handling and sending
headers, so I don't think that will work either.
Using CGI::Cookie directly is probably the best compomise.
I have not had a chance to closely look at the CAP::Apache module yet.
Can the cookie still be sent to header_add successfully? Or does the
cookie need to be baked into the Apache::Request object?
> Either way should work and it would even help those who use other non
> CGI.pm query objects (like CGI::Simple, etc)
Actually, CGI::Simple does have a cookie method so it should work
fine. However CGI::Minimal will not work, since it doesn't have a
cookie method... There are probably other CGI like modules that won't
work either.
Cheers,
--
Cees Hek
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/suppressed/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: suppressed
For additional commands, e-mail: suppressed
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.