Changes between Initial Version and Version 1 of Ticket #16199, comment 11


Ignore:
Timestamp:
06/16/2011 06:28:32 PM (4 years ago)
Author:
PaulM
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #16199, comment 11

    initial v1  
    1 I commented on #16182, but will go into more detail here. r16356 added 5 digits of precision to the signed timestamp so that this cookie backend could pass the cookie rotation test. Adding these extra bits to our already limited cookie length isn't necessary, and the test should be modified to work with single-second precision for this backend.
     1I commented on #16182, but will go into more detail here. r16356 added 5 digits of precision to the signed timestamp so that this cookie backend can pass the cookie rotation test. Adding these extra bits to our already limited cookie length isn't necessary, and the test should be modified to work with single-second precision for this backend.
    22
    33Unlike server-side session stores, when we rotate a cookie with this backend, we don't invalidate the previous one. In server side session  stores, rotating a cookie should destroy access to the data server side, so we need to test that this rotation works immediately. In this backend, we can't invalidate previously signed cookies (other than letting them expire naturally). So requiring that setting a cookie then immediately rotating it produce a different cookie isn't meaningful.
Back to Top