[dancer-users] Erroneous session-cookie setting behaviour in Dancer2

Rik Brown rik at rikbrown.co.uk
Sun Mar 3 23:01:21 GMT 2013


> > That sounds like it's working correctly. You got a new empty session and
> > a cookie for it. I don't think it's expected that you won't get a cookie
> > if your session is empty.
> 
> 
> 
> So Rik, what's the point of getting a new empty session and cookie for
> it, instead of just a "negative" cookie (a set-cookie header with
> negative time) 

Yeah you're right.  It is probably better to put a "negative" cookie there if the session is non-existent/empty.   I think I was going with a "that sounds like more code/more complexity than it's worth", but the privacy concerns (I've never cared about what cookies sites are throwing at me, for better or for worse) are fair enough I suppose.
>  and no session at all to waste space on the db?
A smart session engine should probably not bother put any entries in the DB if the session is empty, but I take your point. 



-- 
Rik Brown
http://www.rikbrown.co.uk


On Sunday, 3 March 2013 at 22:47, Punter wrote:

> 
> 
> On 03/03/2013 05:55 PM, Rik Brown wrote:
> > That sounds like it's working correctly. You got a new empty session and
> > a cookie for it. I don't think it's expected that you won't get a cookie
> > if your session is empty.
> > 
> 
> 
> 
> So Rik, what's the point of getting a new empty session and cookie for 
> it, instead of just a "negative" cookie (a set-cookie header with 
> negative time) and no session at all to waste space on the db?
> _______________________________________________
> dancer-users mailing list
> dancer-users at dancer.pm (mailto:dancer-users at dancer.pm)
> http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
> 
> 


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.preshweb.co.uk/pipermail/dancer-users/attachments/20130303/4dfc8ac8/attachment-0001.htm>


More information about the dancer-users mailing list