https://github.com/apache/wicket/pull/252
On Sun, Dec 24, 2017 at 8:35 PM, Maxim Solodovnik <[email protected]> wrote: > Thanks for the reply Martin :) > > I guess these 2 lines should be enough: > id = null; > sessionInvalidated = false; > dirty = false; > Since this method is being used to renew session id only .... > Or some other fields should be clean up? > > On Sun, Dec 24, 2017 at 8:00 PM, Martin Grigorov <[email protected]> > wrote: > >> Hi Maxim, >> >> What about Session#sequence ? And even Session#style and >> #feedbackMessages. >> I do no see a problem to keep those too. >> >> Maybe instead of calling #destroy() replaceSession() should reset the >> securiry related ones only ? >> >> Martin Grigorov >> Wicket Training and Consulting >> https://twitter.com/mtgrigorov >> >> On Sun, Dec 24, 2017 at 10:59 AM, Maxim Solodovnik <[email protected]> >> wrote: >> >> > Hello All, >> > >> > I'm currently investigating weird behavior in our application: >> > WebSocket.onClose message is not being received. >> > >> > What I found is: 2 pages are being created with same pageId >> > >> > I'm using replaceSession(); method to prevent session fuxation >> > During session replacement process, pageId is being set to 0 .... >> > >> > Would it be OK if I'll create PR to preserve pageId inside >> replaceSession >> > method? >> > Or maybe is there any better option? >> > >> > -- >> > WBR >> > Maxim aka solomax >> > >> > > > > -- > WBR > Maxim aka solomax > -- WBR Maxim aka solomax
