Can't find my canary

by Dennis Daupert

I have a problem trying to use Catalyst::Plugin::FormCanary.

There are 3 routines:

sub setup checks to make sure session is up and running. It is.

sub finalize_session successfully creates the canary keys and adds a hidden input tag to $c->response->body. I wrote output of $c->response->body to $c->log->debug, so I can see that at the command line. But when my page displays in the browser, view source shows that the hidden input tag is NOT there. I'm probably missing something very basic in what happens to $c->response->body, just not sure what.

So when I (say) try to login, sub prepare_action can't find the canary. Bummer. Help?

/dennis




_______________________________________________
List: Catalyst@...
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@.../
Dev site: http://dev.catalyst.perl.org/

Re: Can't find my canary

by Jonathan Rockway

On Thu, 2007-09-20 at 08:43 -0700, Dennis Daupert wrote:
> I have a problem trying to use Catalyst::Plugin::FormCanary.

Two things.  First is, FormCanary is a hack.  It would be better to let
your form validation system handle canary injection and verification.
FormCanary isn't going to work very well for AJAX.  (Maybe I will add an
API method $c->get_canary_html or something, but taking a bad idea even
further might be ... bad :)

However, if FormCanary's munging is appropriate for your application,
wait a bit for me to release 0.02.  It turns out that the body is now
sent before finalize_session gets to inject the canary.  I have fixed
this locally but still have the verification test failing because
C::P::S::S::Cookie is broken on all my machines.  You can get my body
fix from git, though, and see if that works on your machine.

(git == "git clone git://git.jrock.us/Catalyst-Plugin-FormCanary", or
http://git.jrock.us if you want a tarball.)

BTW, did the tests originally pass for you?  If they did and the module
doesn't work, I would be interested in hearing more about that.

Regards,
Jonathan Rockway



Re: Can't find my canary

by Dennis Daupert

Hi Jonathan,

Thanks much for the reply.

> FormCanary isn't going to work very well for AJAX.
> It would be better to let your form validation system handle
> canary injection and verification.

I'm using FormBuilder; I didn't see any canaries in there ;-)
I hadn't planned on using this for any of my AJAX forms.

> It turns out that the body is now sent before finalize_session
> gets to inject the canary.  I have fixed this....
> You can get my body fix from git, though, and see if that works
> on your machine.

I did the git (got?), but the FormCanary.pm is no (diff)erent from
the file I (force) installed from CPAN. It has:

our $VERSION = '0.01';

Did your fix not get to git yet?

> BTW, did the tests originally pass for you?

No, I'm the guy who posted the install problem report to rt.
I had a look thru the code before force installing.

/dennis


Re: Can't find my canary

by Jonathan Rockway

Dennis Daupert wrote:
> Did your fix not get to git yet?

It's there now.  On my machines, Session::State::Cookie still isn't
working, so tests fail for me.  But if they pass for you, you should be
good to go.

I will work on fixing Session::State::Cookie today.

Regards,
Jonathan Rockway




Re: Can't find my canary

by Dennis Daupert

Dennis:
>> Did your fix not get to git yet?

Jonathan:
> It's there now. On my machines, Session::State::Cookie still isn't
> working, so tests fail for me. But if they pass for you,
> you should be good to go.

I bypassed s-s-cookie, manually installed c-p-FormCanary, but
the magic isn't working for me yet.

I have a question based on this code snippet:
 #=====================================
 if ($content_type =~ /html/){
   # some stuff here...
   # add the input tags to the body
   my $body = $c->response->body;
   $body =~         # yuck.
     s{</form>}
      {<input type="hidden" name="$name" id="$name" value="$canary" />
       </form>}g;
   $c->log->debug("$body"); # << I added debug msg
   $c->response->body($body);
 }
 return $c->NEXT::finalize_session(@_);
 #=====================================

Here's what I do not understand:

The "canary" hidden input tag IS ADDED, according to $c->log->debug("$body")

But the "canary" hidden input tag DOES NOT show up in the page
sent to the browser? Why would that be?

I'm using TT for view; I have an empty
sub end : ActionClass('RenderView') { }
c-p-renderview just returns 1 if length $c->response->body,
so probably something's working in a way I don't get yet,
or works in a way different from what I *think* is happening.

I copied some of FormCanary's code into a webcard widget,
twiddled a bit, and it works great. I haven't written any
action classes, but it would be really nice to use this as
an action class (which I see is on the todo list). I'll
mess around some more with this, see what else I can learn.

/dennis


Re: Can't find my canary

by Matt S Trout-2

On Mon, Sep 24, 2007 at 09:35:47AM -0700, Dennis Daupert wrote:

> Dennis:
> >> Did your fix not get to git yet?
>
> Jonathan:
> > It's there now. On my machines, Session::State::Cookie still isn't
> > working, so tests fail for me. But if they pass for you,
> > you should be good to go.
>
> I bypassed s-s-cookie, manually installed c-p-FormCanary, but
> the magic isn't working for me yet.
>
> I have a question based on this code snippet:
>  #=====================================
>  if ($content_type =~ /html/){
>    # some stuff here...
>    # add the input tags to the body
>    my $body = $c->response->body;
>    $body =~         # yuck.
>      s{</form>}
>       {<input type="hidden" name="$name" id="$name" value="$canary" />
>        </form>}g;
>    $c->log->debug("$body"); # << I added debug msg
>    $c->response->body($body);
>  }
>  return $c->NEXT::finalize_session(@_);
>  #=====================================
>
> Here's what I do not understand:
>
> The "canary" hidden input tag IS ADDED, according to $c->log->debug("$body")

It's being added after the body's sent to the browser.

--
      Matt S Trout       Need help with your Catalyst or DBIx::Class project?
   Technical Director                    http://www.shadowcat.co.uk/catalyst/
 Shadowcat Systems Ltd.  Want a managed development or deployment platform?
http://chainsawblues.vox.com/            http://www.shadowcat.co.uk/servers/
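
The ordering problem diagnosed in this thread, as an added example that is not part of any post and is not FormCanary's code: a framework-independent Perl script that injects a per-session canary before the body is written and verifies it on submit. The helper names (new_canary, inject_canary, canary_ok), the plain-hash session and the $sent variable standing in for the client connection are assumptions made for illustration; it reads /dev/urandom, so it assumes a Unix-like host.

```perl
#!/usr/bin/perl
# Added example, not FormCanary's code: canary injection order and verification.
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);

# Hypothetical helper: 32 bytes from the OS CSPRNG, hex-encoded.
sub new_canary {
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    read($fh, my $buf, 32) == 32 or die "short read from urandom";
    return unpack 'H*', $buf;
}

# Insert the hidden field before every </form>. $name is a fixed string and
# $canary is hex, so neither needs HTML escaping here.
sub inject_canary {
    my ($body, $name, $canary) = @_;
    $body =~ s{</form>}{<input type="hidden" name="$name" value="$canary" /></form>}gi;
    return $body;
}

# Compare HMACs under a one-off key so timing does not reveal a partial match.
sub canary_ok {
    my ($session, $submitted) = @_;
    my $want = $session->{canary};
    return 0 unless defined $want && defined $submitted;
    my $key = new_canary();
    return hmac_sha256_hex($want, $key) eq hmac_sha256_hex($submitted, $key) ? 1 : 0;
}

# Constructed request cycle: the session is a plain hash, the body a sample form.
my %session = (canary => new_canary());
my $body = '<form method="post" action="/login"><input name="user" /></form>';

# Wrong order (the symptom in this thread): the body goes out first, so the
# munged copy exists only locally, where a debug log would still show the tag.
my $sent = $body;
my $late = inject_canary($body, 'canary', $session{canary});
printf "late injection reached client:  %s\n", ($sent =~ /name="canary"/ ? 'yes' : 'no');

# Right order: inject, then write.
$sent = inject_canary($body, 'canary', $session{canary});
printf "early injection reached client: %s\n", ($sent =~ /name="canary"/ ? 'yes' : 'no');

my ($submitted) = $sent =~ /name="canary" value="([0-9a-f]+)"/;
printf "genuine POST accepted: %s\n", (canary_ok(\%session, $submitted) ? 'yes' : 'no');
printf "forged POST accepted:  %s\n", (canary_ok(\%session, '0' x 64) ? 'yes' : 'no');
```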
