[
https://issues.apache.org/jira/browse/MYFACES-4309?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16968852#comment-16968852
]
Bill Lucy commented on MYFACES-4309:
------------------------------------
Even in the CDI case currently, the session cookie isn't added properly -
leading to the IllegalStateException: Response is committed. And that behavior
can only be corrected by increasing the FACELETS_BUFFER_SIZE param. I agree
that PR 71 is not as effective at limiting session creation as the fix for
4297, but the tradeoff of not breaking some user's apps might be worth it.
> Session is broken in some cases due to MYFACES-4297
> ---------------------------------------------------
>
> Key: MYFACES-4309
> URL: https://issues.apache.org/jira/browse/MYFACES-4309
> Project: MyFaces Core
> Issue Type: Bug
> Affects Versions: 2.3.5
> Reporter: Bill Lucy
> Assignee: Bill Lucy
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The changes made for MYFACES-4297 introduced a problem: in some cases a
> session is not created early enough for a session cookie to be written out on
> a response before it is committed, due to the small default response buffer
> size. As mentioned in the comments for 4297, that behavior causes a problem
> for the ViewScope (and I expect the session as well.)
> As discussed, increasing the javax.faces.FACELETS_BUFFER_SIZE is a
> workaround, but that's not ideal for a few reasons:
> 1. apps using the default buffer size value will be broken by the new
> behavior when updating to 2.3.5
> 2. there doesn't appear to be a way to update the buffer size for JSPs
> We should consider revisiting the changes made in MYFACES-4297. Or, if
> nothing else, we might want to add some way to change the default buffer size
> on the JSP path.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)