[Zope] Help with session data and redirects
Chris McDonough
chrism@zope.com
15 Apr 2003 13:06:38 -0400
That makes me suspect that something about PCGI or IIS is not passing
along the session's set-cookie header to the browser in the initial
redirect response. You may want to use something like (under UNIX or
Cygwin):
wget -S
http://your.servers.pcgi.hostname/createSessionAndRedirect?sessionText=foo
This will print the headers of the response (you may want to do this in
a temp directory, it also saves the files). If you don't see a
set-cookie header, something is stripping it out.
It works the "second time around" because the set-cookie header is sent
in the response that contains the rendered view_session_obj.pt script
(as a result of accessing REQUEST.SESSION in that script). Thereafter,
the browser sends a cookie header along with every request.
So if you can verify this, the bug becomes "set-cookie headers are not
passed along to browsers when PCGI and/or IIS is used and the response
also contains a redirect header". Not that I know how to solve this,
but at least we could have a hypothesis. ;-)
- C
On Tue, 2003-04-15 at 12:36, Brad Powell wrote:
> Zope 2.6.1 running under IIS on a Windows 2000 Server, with PCGI.
> Client browser is IE v5.50.4522.1800 running on Windows 2000 Professional.
> Also tried with Mozilla 1.0 under Debian.
>
> Gathering this info for you made me think about the PCGI interface, and I
> discovered something interesting. The redirect works great when I'm going
> direct to Zope port 8080 (not using PCGI). It manifests the initial
> request problem when using the PCGI interface. In fact, that's why
> Konqueror worked. I was going direct to port 8080 when I was trying
> Konqueror.
>
> Brad
>
>
>
>
>
> Chris McDonough <chrism@zope.com>
> 04/15/2003 11:12 AM
>
> To: Brad Powell/PPCO@Phillips
> cc: zope@zope.org
> Subject: Re: [Zope] Help with session data and redirects
>
>
> I'm afraid I can't reproduce this behavior. Which
> browser(s)/platform(s) does it occur under?
>
> On Tue, 2003-04-15 at 12:06, Brad Powell wrote:
> > Thanks, Chris, for the quick reply. I tried both of your suggestions:
> the
> > random query string and the setHeader statements in the ZPT. They both
> > improved the situation in that requests after the initial one are now
> > returned properly. However, the very first request still returns the
> "Problem: no session object (redirectTest)" message. By the way, instead
> of a response.redirect, if I return the page
> > template directly in the script with a statement like "return
> > container['view_session_obj.pt']()", it works perfectly. Unfortunately,
> I
> > need the redirect because of the way my actual page template works.
> >
> > Brad
> >
> >
> >
> >
> >
> > Chris McDonough <chrism@zope.com>
> > 04/15/2003 10:18 AM
> >
> > To: Brad Powell/PPCO@Phillips
> > cc: zope@zope.org
> > Subject: Re: [Zope] Help with session data and redirects
> >
> >
> > Under Mozilla 1.3 on Linux, when running your test (e.g. when visiting
> > /createSessionAndRedirect?sessionText=456), I immediately get:
> >
> > ## Page Template "view_session_obj.pt" ##
> >
> > 456
> >
> > Like you, I suspect this may be a browser issue.
> >
> > To verify, cause the createSessionAndRedirect to generate a "random"
> > query string like this:
> >
> > session = context.REQUEST.SESSION
> > sessionObjName = 'redirectTest'
> > session.set(sessionObjName, sessionText)
> > return
> >
> context.REQUEST.RESPONSE.redirect(context["view_session_obj.pt"].absolute_url()
>
> > + '?abc=%s' % context.ZopeTime().timeTime())
> >
> > This should prevent browsers from returning a cached page. A more
> > permanent solution would be to set a Pragma: No-Cache or Cache-Control:
> > No-Cache HTTP header within "view_session_obj.pt".
> >
> > - C
> >
> >
> > On Tue, 2003-04-15 at 10:58, Brad Powell wrote:
> > > I have a problem where session data does not appear to be updated when
>
> > the
> > > setting of the session data is followed by a response.redirect in a
> > Python
> > > script. A browser refresh is required to get the correct data
> > displayed.
> > > This happens on both Zope v2.5.1 and v2.6.1. It also happens with IE
> > and
> > > Mozilla browsers; but, interestingly, it does not occur with the
> > Konqueror
> > > browser. This led me to believe it was a browser issue, but no matter
>
> > > what options I try in IE, I cannot get it to work. I thought it might
>
> > be
> > > an issue with the browser cache settings, but, again, no matter what I
>
> > try
> > > I get the same result.
> > >
> > > I've included a test script and page template that demonstrates this
> > > problem. When I go to url "sessionCreateAndRedirect?sessionText=123",
> I
> > > get the message, "Problem: no session object (redirectTest)." If I
> then
> >
> > > refresh the browser, I get "123" displayed, which is the correct
> > response.
> > > Subsequent calls to the url with different values for sessionText
> > returns
> > > the previous session value, until I do a browser refresh.
> > >
> > > Any assistance, guidance, wisdom, etc. on this matter would be greatly
>
> > > appreciated.
> > >
> > >
> > > ## Script (Python) "sessionCreateAndRedirect"
> > > ##parameters=sessionText
> > > ##
> > > session = context.REQUEST.SESSION
> > > sessionObjName = 'redirectTest'
> > > session.set(sessionObjName, sessionText)
> > > return
> > >
> >
> context.REQUEST.RESPONSE.redirect(context["view_session_obj.pt"].absolute_url())
> > >
> > > ## Page Template "view_session_obj.pt"
> > > ##
> > > <html>
> > > <head>
> > > <title tal:content="template/title">The title</title>
> > > </head>
> > > <body>
> > > <tal:block define="global sesObj request/SESSION/redirectTest |
> > > nothing"></tal:block>
> > > <p tal:condition="not:sesObj">Problem: no session object
> > > (redirectTest).</p>
> > > <p tal:condition="sesObj" tal:content="sesObj">session obj
> > > contents</p>
> > > </body>
> > > </html>
> > >
> > >
> > > Brad
> >
> >
> >
> >
>
>
>
>