search

dagolden / Dancer-Session-Cookie

Dancer session engine based on encrypted cookies
2 stars 2 forks source link

Session can be stolen when route dies #5

Closed cursork closed 11 years ago

cursork commented 11 years ago

This is issue #4 - it's actually a session stealing problem.

If the route code dies, the cached $SESSION variable is left around and picked up on the next request.

dagolden commented 11 years ago

Thanks. I'll check it out and see about applying it.