On Tue, 2003-04-15 at 15:45, Brad Powell wrote:
I believe your hypothesis is exactly right, Chris. I did wget going direct to Zope on port 8080, and I also did wget going through PCGI. Both show the two http requests (and response headers): the first one to sessionCreateAndRedirect and the second one to view_session_obj.pt. Going direct to port 8080 reveals a "Set-Cookie: _ZopeId=..." header being sent only in the first http response; whereas the PCGI route shows the "Set-Cookie:_ZopeId=..." header being sent only in the second response.
Thanks for confirming this.
Also, I tried your workaround, and it works, further confirming the hypothesis.
Where do I go from here as far as getting this "bug" fixed?
Well, the workaround is completely inert for all configurations, so in some sense it's fixed already. That said, to try to fix it for real, we would need to determine what subsystem is causing the problem. It could be the fault of IIS, or it could be the fault of the PCGI code. To determine which, a setup could be established that uses PCGI under Apache; alternately another mechanism besides PCGI under IIS could be used (a couple folks have posted howtos about using IIS as a proxy to Zope instead of using PCGI). If we find that only happens when using IIS, then the problem is likely Microsoft's. If we find that it only happens when using PCGI, then the problem is likely Zope's. I don't have much interest in running this particular bug down (I don't run Zope on Windows nor do I ever run PCGI), but maybe someone will find it interesting enough to take it up. - C