Re: [Catalyst] Can't find my canary
Dennis:
Did your fix not get to git yet?
Jonathan:
It's there now. On my machines, Session::State::Cookie still isn't
working, so tests fail for me. But if they pass for you,
you should be good to go.
I bypassed s-s-cookie, manually installed c-p-FormCanary, but
the magic isn't working for me yet.
I have a question based on this code snippet:
#=
if ($content_type =~ /html/){
some stuff here...
# add the input tags to the body
my $body = $c-response-body;
$body =~ # yuck.
s{/form}
{input type=hidden name=$name id=$name value=$canary /
/form}g;
$c-log-debug($body); # I added debug msg
$c-response-body($body);
}
return $c-NEXT::finalize_session(@_);
#=
Here's what I do not understand:
The canary hidden input tag IS ADDED, according to $c-log-debug($body)
But the canary hidden input tag DOES NOT show up in the page
sent to the browser? Why would that be?
I'm using TT for view; I have an empty
sub end : ActionClass('RenderView') { }
c-p-renderview just returns 1 if length $c-response-body,
so probably something's working in a way I don't get yet,
or works in a way different from what I *think* is happening.
I copied some of FormCanary's code into a webcard widget,
twiddled a bit, and it works great. I haven't written any
action classes, but it would be really nice to use this as
an action class (which I see is on the todo list). I'll
mess around some more with this, see what else I can learn.
/dennis
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Can't find my canary
On Mon, Sep 24, 2007 at 09:35:47AM -0700, Dennis Daupert wrote:
Dennis:
Did your fix not get to git yet?
Jonathan:
It's there now. On my machines, Session::State::Cookie still isn't
working, so tests fail for me. But if they pass for you,
you should be good to go.
I bypassed s-s-cookie, manually installed c-p-FormCanary, but
the magic isn't working for me yet.
I have a question based on this code snippet:
#=
if ($content_type =~ /html/){
some stuff here...
# add the input tags to the body
my $body = $c-response-body;
$body =~ # yuck.
s{/form}
{input type=hidden name=$name id=$name value=$canary /
/form}g;
$c-log-debug($body); # I added debug msg
$c-response-body($body);
}
return $c-NEXT::finalize_session(@_);
#=
Here's what I do not understand:
The canary hidden input tag IS ADDED, according to $c-log-debug($body)
It's being added after the body's sent to the browser.
--
Matt S Trout Need help with your Catalyst or DBIx::Class project?
Technical Directorhttp://www.shadowcat.co.uk/catalyst/
Shadowcat Systems Ltd. Want a managed development or deployment platform?
http://chainsawblues.vox.com/http://www.shadowcat.co.uk/servers/
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Can't find my canary
Dennis Daupert wrote: Did your fix not get to git yet? It's there now. On my machines, Session::State::Cookie still isn't working, so tests fail for me. But if they pass for you, you should be good to go. I will work on fixing Session::State::Cookie today. Regards, Jonathan Rockway signature.asc Description: OpenPGP digital signature ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Can't find my canary
I have a problem trying to use Catalyst::Plugin::FormCanary. There are 3 routines: sub setup checks to make sure session is up and running. It is. sub finalize_session successfully creates the canary keys and adds a hidden input tag to $c-response-body. I wrote output of $c-response-body to $c-log-debug, so I can see that at the command line. But when my page displays in the browser, view source shows that the hidden input tag is NOT there. I'm probably missing something very basic in what happens to $c-response-body, just not sure what. So when I (say) try to login, sub prepare_action can't find the canary. Bummer. Help? /dennis ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Can't find my canary
On Thu, 2007-09-20 at 08:43 -0700, Dennis Daupert wrote: I have a problem trying to use Catalyst::Plugin::FormCanary. Two things. First is, FormCanary is a hack. It would be better to let your form validation system handle canary injection and verification. FormCanary isn't going to work very well for AJAX. (Maybe I will add an API method $c-get_canary_html or something, but taking a bad idea even further might be ... bad :) However, if FormCanary's munging is appropriate for your application, wait a bit for me to release 0.02. It turns out that the body is now sent before finalize_session gets to inject the canary. I have fixed this locally but still have the verification test failing because C::P::S::S::Cookie is broken on all my machines. You can get my body fix from git, though, and see if that works on your machine. (git == git clone git://git.jrock.us/Catalyst-Plugin-FormCanary, or http://git.jrock.us if you want a tarball.) BTW, did the tests originally pass for you? If they did and the module doesn't work, I would be interested in hearing more about that. Regards, Jonathan Rockway ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
