Not set the lifetime of cookies

Added by Elias Chistyakov over 9 years ago

Hello. For some time now ceased to be set to the lifetime of cookies. Maybe I have something not so doing. Redmine installed from Gentoo Portage. Anyone having this trouble?

Replies (16)

RE: Not set the lifetime of cookies - Added by Felix Schäfer over 9 years ago

Why does it bother you that the cookies have an infinite lifetime? I think this is expected behavior.

RE: Not set the lifetime of cookies - Added by Elias Chistyakov over 9 years ago

Cookies are not infinite life. Their life-long session. And I need something, they would have lived a week or a year.

RE: Not set the lifetime of cookies - Added by Felix Schäfer over 9 years ago

I'm still not sure what you are getting at. If you need autologin or want to disable it, see RedmineSettings, the other cookie (_redmine_session) only contains session information, no sensitive information like a password.

If I still didn't get what you, I'll go out on a limb here and suppose you are russian, maybe you could try to describe your problem/question in russian, I have a few friends who could translate it for me :-)

RE: Not set the lifetime of cookies - Added by Elias Chistyakov over 9 years ago

Thank you. Yes, I'm Russian:)

Установка времени жизни куки autologin не работает. Она по прежнему умирает с сессией. Как и любой другой вызов cookies[:mycookie] = { :value => "myvalue", :expires => Time.now + 1.years } не работает. Я долго рылся всюду, но понять ошибку не смог...

RE: Not set the lifetime of cookies - Added by Elias Chistyakov over 9 years ago

Felix Schäfer silent. Here is the last post in English. Maybe someone else will answer.

Installing lifetime cookie autologin does not work. It still die with the session. Like any other set cookies[:mycookie] = (:value => "myvalue",:expires => Time.now + 1.years) does not work. I rummaged around for a long time, but to understand the error could not...

RE: Not set the lifetime of cookies - Added by Andrej Gelenberg over 9 years ago

Please post the http-header.
You can get a http-header dump as follow:
$ curl -D header_dump <url>

RE: Not set the lifetime of cookies - Added by Felix Schäfer over 9 years ago

Danke Andrej ;-)

Elias, I am under the impression that your problem is rails related, not redmine related. Is your problem related to redmine, or to some other software you are writing?

RE: Not set the lifetime of cookies - Added by Elias Chistyakov over 9 years ago

Felix, I think so too. I made a test application and it turned out perfectly set the lifetime of cookies. And then I install redmine 0.9.2(USE="passenger postgres openid" emerge redmine). And here autoload always set before the end of the session.

Andrej, I'll write tomorrow.

Sorry for my Google-English.

RE: Not set the lifetime of cookies - Added by Elias Chistyakov over 9 years ago

Andrej, thanks for the tip-off.

Set-Cookie    autologin=1f2a7cef91cf7c6e4da56ca764a7999920e65783; path=/; expires=Срд, 02-Мар-2011 08:10:10 GMT _redmine_session=BAh7BzoMdXNlcl9pZGkGOg9zZXNzaW9uX2lkIiUwZDkxMWMxZjU5ZGNjZDgwNzhlMTAyYmMyYmY0Zjg1OA%3D%3D--3d5c106b93101a4c40cc559817ebe3893cd7eb9b; path=/; HttpOnly

It should be added to issues :)

RE: Not set the lifetime of cookies - Added by Elias Chistyakov over 9 years ago

rack-1.0.1/lib/rack/response.rb

expires = "; expires=" + value[:expires].clone.gmtime.
  strftime("%a, %d-%b-%Y %H:%M:%S GMT")    if value[:expires]

How to cancel the localization of time? Edit Rake? Or is there another way?

RE: Not set the lifetime of cookies - Added by Elias Chistyakov over 9 years ago

My solution:

--- /usr/lib64/ruby/gems/1.8/gems/rack-1.0.1/lib/rack/response.rb
+++ /usr/lib64/ruby/gems/1.8/gems/rack-1.0.1/lib/rack/response.rb
@@ -60,8 +60,7 @@
         path    = "; path="    + value[:path]      if value[:path]
         # According to RFC 2109, we need dashes here.
         # N.B.: cgi.rb uses spaces...
-        expires = "; expires=" + value[:expires].clone.gmtime.
-          strftime("%a, %d-%b-%Y %H:%M:%S GMT")    if value[:expires]
+        expires = "; expires=" + value[:expires].httpdate if value[:expires]
         secure = "; secure"  if value[:secure]
         httponly = "; HttpOnly" if value[:httponly]
         value = value[:value]

RE: Not set the lifetime of cookies - Added by Felix Schäfer over 9 years ago

Elias, this is definitely a rack problem, not a redmine problem. Please contact the rack devs (the rack homepage is http://rack.rubyforge.org/) regarding this problem, as there isn't anything the redmine devs can do about it. Thanks for your time and effort though.

RE: Not set the lifetime of cookies - Added by Elias Chistyakov over 9 years ago

It turns out the bug has been known for a long time >> http://github.com/rack/rack/issues#issue/5
grief

RE: Not set the lifetime of cookies - Added by Felix Schäfer over 9 years ago

Mmh, maybe you could open a feature request that explains the problem and requests that the redmine be upgraded to work with rack 1.1, that may solve your problem.

RE: Not set the lifetime of cookies - Added by Elias Chistyakov over 9 years ago

I ran with remine rack 1.1.0, without modification.

RE: Not set the lifetime of cookies - Added by Jason Patton about 9 years ago

Although I don't have much information about the lifetime of cookies in this issue I am glad that I reached this site.

(1-16/16)