Giter Site home page Giter Site logo

Comments (6)

wallseat avatar wallseat commented on May 23, 2024 1

Thx @peterschutt !

from litestar.

peterschutt avatar peterschutt commented on May 23, 2024

Thanks @wallseat - good find!

Once cookies get above a certain size, we chunk them and store across multiple cookies. When this happens, cookies get stored with an enumeration, e.g., session-0, session-1 etc.

In this case, the session is persisted in the headers for the first time when the request to /protected_route is redirected to the auth route. At this time, the session cookie is not greater than the chunk size and so it gets stored in the cookie under the name session.

After authentication, when the size of the session is much larger due to the presence of the tokens, the serialized session is greater than the chunk size, so the session cookie gets chunked and stored under session-0, session-1.

There is an issue with the algorithm that detects cookies that should be cleared under the condition where the cookie grows in size greater than a single chunk, and that is what we're hitting here. The original session cookie was not being cleared when it is superseded by a cookie called session-0.

from litestar.

peterschutt avatar peterschutt commented on May 23, 2024

@all-contributors add @wallseat for bug

from litestar.

allcontributors avatar allcontributors commented on May 23, 2024

@peterschutt

I've put up a pull request to add @wallseat! 🎉

from litestar.

github-actions avatar github-actions commented on May 23, 2024

This issue has been closed in #3446. The change will be included in the upcoming patch release.

from litestar.

github-actions avatar github-actions commented on May 23, 2024

A fix for this issue has been released in v2.8.3

from litestar.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.