session module

is Apache::Session or CGI::Session better for mod_perl?

Thanks.

Re: session module

Both work. CGI::Session was better maintained for a while but it
looks like Apache::Session has been updated recently. Pick the one
that you find easiest to understand from the documentation.

- Perrin

2010/10/29 Jeff Pang :
> is Apache::Session or CGI::Session better for mod_perl?
>
> Thanks.
>

Re: session module

try a framework. that's much more popular. :)

On Fri, Oct 29, 2010 at 8:20 PM, Perrin Harkins wrote:
> Both work.  CGI::Session was better maintained for a while but it
> looks like Apache::Session has been updated recently.  Pick the one
> that you find easiest to understand from the documentation.
>
> - Perrin
>
> 2010/10/29 Jeff Pang :
>> is Apache::Session or CGI::Session better for mod_perl?
>>
>> Thanks.
>>
>



--=20
Fayland Lam // http://www.fayland.org/

Re: session module

于 2010-10-29 20:28, Fayland Lam 写道:
> try a framework. that's much more popular. :)
>

I wrote a small application with few scripts.
A framework like catalyst is too large to use for me.
Thanks.

Jeff.

Re: session module

于 2010-10-29 20:20, Perrin Harkins 写道:
> Both work. CGI::Session was better maintained for a while but it
> looks like Apache::Session has been updated recently. Pick the one
> that you find easiest to understand from the documentation.
>

I know CGI::Session well.
But have been thinking does Apache::Session get better performance under
modperl?

Thanks.

Jeff.

Re: session module

try Dancer. which is very suitable for small application. just one file.

Thanks

On Fri, Oct 29, 2010 at 8:37 PM, Jeff Pang wrote:
> äº=8E 2010-10-29 20:28, Fayland Lam 写道:
>>
>> try a framework. that's much more popular. :)
>>
>
> I wrote a small application with few scripts.
> A framework like catalyst is too large to use for me.
> Thanks.
>
> Jeff.
>
>



--=20
Fayland Lam // http://www.fayland.org/

Re: session module

On Fri, Oct 29, 2010 at 8:39 AM, Jeff Pang wrote:
> I know CGI::Session well.
> But have been thinking does Apache::Session get better performance under
> modperl?

I haven't measured it, but I doubt there's any significant performance
difference. Don't be fooled by the "CGI" in CGI::Session.

- Perrin

Re: session module

于 2010-10-29 20:42, Fayland Lam 写道:
> try Dancer. which is very suitable for small application. just one file.
>

Ok I will check out it.
I first time knew Dancer from ruby 2 years ago.
Never know that there is a perl execution of that.

Re: session module

--0016e6dee6d6dcd8790493c73a20
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Haven't used any of the popular session modules in awhile.
Are these susceptible to the cleartext cookie silliness exposed by
FireSheep?

"Great Artists Ship"
Lon Koenig lon@schnoggo.com http://lonk.me



On Fri, Oct 29, 2010 at 7:47 AM, Jeff Pang wrote:

> äº=8E 2010-10-29 20:42, Fayland Lam 写道:
>
> try Dancer. which is very suitable for small application. just one file.
>>
>>
> Ok I will check out it.
> I first time knew Dancer from ruby 2 years ago.
> Never know that there is a perl execution of that.
>
>

--0016e6dee6d6dcd8790493c73a20
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Haven't used any of the popular session modules in awhile.
Are these=
susceptible to the cleartext cookie silliness exposed by FireSheep?
>

ly: Verdana,Arial,Helvetica,sans-serif;">

b(248, 248, 248); padding: 0.8em 0.8em 0.3em;">

s,sans-serif;" color=3D"#888888">"Great Artists Ship"
yle=3D"color: rgb(0, 0, 0);">Lon Koenig     lto:lon@schnoggo.com" target=3D"_blank">lon@schnoggo.com color: rgb(0, 0, 0);">  =3D"_blank">http://lonk.me

2.0.3&t=3D1288383536168&u=3D6544412&e=3D8000" height=3D"1" widt=
h=3D"1">

Re: session module

--- On Fri, 10/29/10, Fayland Lam wrote:
> try Dancer. which is very suitable
> for small application. just one file.

One file containing:
"""
use Dancer::Config;
use Dancer::FileUtils;
use Dancer::GetOpt;
use Dancer::Error;
use Dancer::Helpers;
use Dancer::Logger;
use Dancer::Plugin;
use Dancer::Renderer;
use Dancer::Response;
use Dancer::Route;
use Dancer::Serializer::JSON;
use Dancer::Serializer::YAML;
use Dancer::Serializer::XML;
use Dancer::Serializer::Dumper;
use Dancer::Session;
use Dancer::SharedData;
use Dancer::Handler;
use Dancer::ModuleLoader;
"""
which isn't "one file" by my reckoning. Nevertheless, it looks very interes=
ting. I will try a toy applet with it this weekend. Thanks for mentioning i=
t.

Phil

> On Fri, Oct 29, 2010 at 8:37 PM, Jeff Pang
> wrote:
> > äº=8E 2010-10-29 20:28, Fayland Lam 写道:
> >>
> >> try a framework. that's much more popular. :)
> >>
> >
> > I wrote a small application with few scripts.
> > A framework like catalyst is too large to use for me.
=0A

Re: session module

On Fri, Oct 29, 2010 at 4:23 PM, Lon Koenig wrote:
> Are these susceptible to the cleartext cookie silliness exposed by FireSheep?

Well, Apache::Session doesn't handle cookies at all, so it's entirely
up to you how you want to deal with it, and CGI::Session doesn't
dictate whether or not your site uses SSL, so that is also up to you.

There is no way to prevent people from potentially seeing cookies (or
anything else) passed over a non-SSL network. Sites that are
seriously concerned about this should use SSL. Even sites that don't
use SSL should use cookies with some form of MAC and a reasonable
session timeout.

- Perrin