#2226 closed defect (worksforme)
SuspiciousOperation: User tampered with session cookie exception when used with mod_python
| Reported by: | nesh at studioquattro co yu | Owned by: | Adrian Holovaty |
|---|---|---|---|
| Component: | Core (Other) | Version: | |
| Severity: | major | Keywords: | |
| Cc: | nesh@… | Triage Stage: | Unreviewed |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
This is similar to #1758 but I can't login at all.
Precisely I can login, but after the cookie is created all access to the site returns SuspiciousOperation: User tampered with session cookie.
Clearing the cookies does not help, I can access non-admin parts of the site until I try to log in again.
I'm using Apache 2.0.53 prefork, latest trunk, sqlite database, Python 2.4.1, no proxy, browser cache disabled. DEBUG mode are OFF.
Tested in FF, Safari and Opera.
Same site works with runserver and lighttpd.
Is there any workaround for this? Or I must use fastcgi instead?
Relevant parts from setup.py
# 192.168.0.ZZZ my web server private IP # 82.XXX.XXX.XXX is my web server public IP # 192.168.0.XXX is my machine INTERNAL_IPS = ('192.168.0.XXX', '82.XXX.XXX.XXX', '127.0.0.1', '192.168.0.ZZZ') SESSION_COOKIE_NAME = 'DJANGO_STAGING_' + SITE_NAME.upper() MIDDLEWARE_CLASSES = ( "django.middleware.common.CommonMiddleware", "django.contrib.sessions.middleware.SessionMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", 'django.middleware.locale.LocaleMiddleware', "django.middleware.doc.XViewMiddleware", )
vhost entry:
DocumentRoot <project path>/www
ServerName myhost.com
<Directory "<project path>/www">
allow from all
Options FollowSymLinks
</Directory>
LogLevel debug
TransferLog riznica.access.log
ServerSignature Off
PythonPath "['<project path>', '/store/contrib', '/store/django'] + sys.path"
PythonInterpreter riznica
PythonDebug On
<Location "/">
SetHandler python-program
PythonHandler django.core.handlers.modpython
SetEnv DJANGO_SETTINGS_MODULE <SITE_NAME>.settings
</Location>
<Location "/media/">
SetHandler None
</Location>
<Location "/admin-media/">
SetHandler None
</Location>
<LocationMatch "\.(jpg|gif|png)$">
SetHandler None
</LocationMatch>
ErrorLog riznica.error.log
Change History (2)
comment:1 by , 18 years ago
| Resolution: | → worksforme |
|---|---|
| Status: | new → closed |
comment:2 by , 18 years ago
is this possibly be the same issue as in http://groups.google.com/group/django-users/browse_thread/thread/eeb44c894342d6f7/4b951b6d3a8644dd ?
This seems to be user error; please bring it up on the django-users mailing list instead of in the ticket system.