List Info

Thread: Can't find my canary
Can't find my canary
country flaguser name
United States		 2007-09-20 10:43:53 

  


  

    I have a problem trying to use Catalyst::Plugin::FormCanary.

There are 3 routines:

sub setup checks to make sure session is up and running. It is.

sub finalize_session successfully creates the canary keys and adds a hidden input tag to $c->response->body. I wrote output of $c->response->body to $c->log->debug, so I can see that at the command line. But when my page displays in the browser, view source shows that the hidden input tag is NOT there. I'm probably missing something very basic in what happens to $c->response->body, just not sure what.

So when I (say) try to login, sub prepare_action can't find the canary. Bummer. Help?

/dennis





  

  
  
   
     
    

  

    Re:  Can't find my canary
  


  

     country flaguser name
United States		
     2007-09-20 12:56:21
  


  

    
On Thu, 2007-09-20 at 08:43 -0700, Dennis Daupert wrote:
> I have a problem trying to use
Catalyst::Plugin::FormCanary.

Two things.  First is, FormCanary is a hack.  It would be
better to let
your form validation system handle canary injection and
verification.
FormCanary isn't going to work very well for AJAX.  (Maybe I
will add an
API method $c->get_canary_html or something, but taking a
bad idea even
further might be ... bad 

However, if FormCanary's munging is appropriate for your
application,
wait a bit for me to release 0.02.  It turns out that the
body is now
sent before finalize_session gets to inject the canary.  I
have fixed
this locally but still have the verification test failing
because
C::P::S::S::Cookie is broken on all my machines.  You can
get my body
fix from git, though, and see if that works on your
machine.

(git == "git clone
git://git.jrock.us/Catalyst-Plugin-FormCanary", or
http://git.jrock.us if you
want a tarball.)

BTW, did the tests originally pass for you?  If they did and
the module
doesn't work, I would be interested in hearing more about
that.

Regards,
Jonathan Rockway


_______________________________________________
List: Catalystlists.rawmode.org
Listinfo: ht
tp://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-
archive.com/catalystlists.rawmode.org/
Dev site: http://dev.catalyst.per
l.org/



  


  

    
  

  
  
   
     
    






 [1-2]











   
 





about | contact  Other archives ( Real Estate discussion Medical topics )