Closed independentid closed 3 weeks ago
jum
commented
3 weeks ago I would guess you changed session state after you did already produce output for the page. This is not possible, you have to to do all your changes to the session before you produce any output.
independentid
commented
3 weeks ago I don’t think so. It’s part of a mux filter that executes before the app as part of an oauth2 authorization flow.
When session state changes a redirect occurs (e.g as below). When a normal app endpoint is reached, the session state is retrieved, if none exists, a redirect starts the login process.
s.manager.Remove(r.Context(), KeyHexaState) s.manager.Put(r.Context(), KeyEmail, email) s.manager.Put(r.Context(), KeySubject, sub) s.manager.Put(r.Context(), KeyIdToken, rawToken) http.Redirect(w, r, mainPage, http.StatusTemporaryRedirect) That said, I’m double checking now in case I missed something.
Phil Hunt @.***
On Sep 14, 2024, at 12:38 AM, Jens-Uwe Mager @.***> wrote:
I would guess you changed session state after you did already produce output for the page. This is not possible, you have to to do all your changes to the session before you produce any output.
— Reply to this email directly, view it on GitHub https://github.com/alexedwards/scs/issues/219#issuecomment-2350895755, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAFQUXTOW4JTMR3YMY6ELQTZWPRWRAVCNFSM6AAAAABOFZFFMWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGNJQHA4TKNZVGU. You are receiving this because you authored the thread.
independentid
commented
3 weeks ago I found the issue. It was on my side. Two layers were issuing a redirect to start a login. Thanks.
I am getting a lot of these calls which seem to be triggered by calls to SessionManager:
s.manager.Put(r.Context(), KeyEmail, email)2024-09-13 09:43:56 2024/09/13 16:43:56 http: superfluous response.WriteHeader call from github.com/alexedwards/scs/v2.(*sessionResponseWriter).WriteHeader (session.go:241)