[Zope] CoreSessions isTokenFromCookie
Frank Tegtmeyer
fte@lightwerk.com
03 Jun 2001 21:09:39 +0200
Because I have problems with structured text input at the Wiki I ask
here.
We use isTokenFromCookie() and isTokenFromForm() to decide if we have
to support hidden fields in forms or have to construct URLs containing
the session id.
It seems that both functions don't work as expected.
Here a test document (standard_html_header contains a getSessionData()
call):
<dtml-var standard_html_header>
<p>
<dtml-if "sdm.isTokenFromCookie()">
Token from Cookie<br>
<dtml-else>
Token not from Cookie<br>
</dtml-if>
<dtml-if "sdm.isTokenFromForm()">
Token from Form<br>
<dtml-else>
Token not from Form<br>
</dtml-if>
<dtml-if "sdm.isTokenNew()">
Token ist new<br>
<dtml-else>
Token is not new<br>
</dtml-if>
</p>
<dtml-var REQUEST>
<dtml-var standard_html_footer>
When I call my document with cookies enabled I get:
----------------------------------
Token not from Cookie
Token not from Form
Token is not new
*form*
*cookies*
_lwZope5 '82915105Az0EYs.E2W4'
...
----------------------------------
This clearly shows that isTokenFromCookie() does not behave like
documented because the token is in the cookie section of REQUEST.
When I call the document with cookies *and* the id in the URL, I get:
----------------------------------
Token not from Cookie
Token not from Form
Token is not new
*form*
_lwZope5 '82915105Az0EYs.E2W4'
*cookies*
_lwZope5 '82915105Az0EYs.E2W4
----------------------------------
Again both functions (isTokenFromForm() and isTokenFromCookie()) don't
work like expected. The token is in the cookie section and in the form
section of REQUEST.
For completeness also the call with cookies disabled:
----------------------------------
Token not from Cookie
Token not from Form
Token is not new
*form*
_lwZope5 '82915105Az0EYs.E2W4
----------------------------------
The result is the same as above.
Any hints what to do except hacking CoreSessions? :)
Is it a bug or a misunderstanding of the documentation?
Regards, Frank