Graham Knop [Sun, 14 Apr 2019 00:15:44 +0000]
fix Makefile.PL when no . in @INC
John Napiorkowski [Thu, 6 Dec 2018 02:25:48 +0000]
prepare release meta info
Michael McClimon [Tue, 4 Dec 2018 16:41:38 +0000]
Session: encode HTML entities in error
Without this, it's possible to self-XSS by trying to set a session id to
something like `</script><svg/onload='alert("xss")'>`.
John Napiorkowski [Tue, 27 Jan 2015 01:06:03 +0000]
prep meta data for release
John Napiorkowski [Tue, 27 Jan 2015 00:52:00 +0000]
docs
John Napiorkowski [Mon, 26 Jan 2015 23:13:24 +0000]
make early finalization an option
John Napiorkowski [Mon, 26 Jan 2015 22:49:29 +0000]
finalize session earlier
John Napiorkowski [Wed, 16 Oct 2013 15:05:49 +0000]
upped version, prep release
Robert Rothenberg [Fri, 4 Oct 2013 13:29:12 +0000]
Updated Changes
Robert Rothenberg [Fri, 4 Oct 2013 13:25:53 +0000]
Updated POD w.r.t. contributors
Robert Rothenberg [Fri, 4 Oct 2013 13:24:12 +0000]
Fixed bug with updating session when expiry_threshold is set
John Napiorkowski [Wed, 18 Sep 2013 14:01:27 +0000]
updated version and changlog in prep for release
Robert Rothenberg [Tue, 17 Sep 2013 13:42:42 +0000]
Updated POD
Robert Rothenberg [Fri, 13 Sep 2013 09:43:32 +0000]
Fixed so that session_expires == stored session expires
Robert Rothenberg [Fri, 13 Sep 2013 09:10:03 +0000]
Updated Makefile.PL appropriately
Robert Rothenberg [Fri, 13 Sep 2013 09:09:00 +0000]
Added _get_stored_session_expires method w/related code cleanup
Robert Rothenberg [Thu, 12 Sep 2013 16:30:57 +0000]
Added tests for expiry threshold
Robert Rothenberg [Thu, 12 Sep 2013 16:11:52 +0000]
Removed useless parameter
Robert Rothenberg [Thu, 12 Sep 2013 15:22:40 +0000]
Prototype implementation of expiry_threshold, with POD
Andreas Marienborg [Wed, 26 Jun 2013 02:54:10 +0000]
C<< requires space after << and before >>
Tomas Doran [Mon, 25 Feb 2013 14:39:20 +0000]
Fix typo
Tomas Doran [Mon, 25 Feb 2013 14:02:20 +0000]
Version 0.37
Tomas Doran [Mon, 25 Feb 2013 14:01:38 +0000]
Fix RT#81506
Tomas Doran [Fri, 19 Oct 2012 22:40:11 +0000]
Version 0.36
Tomas Doran [Sun, 15 Jul 2012 17:34:47 +0000]
Fix tests
Tomas Doran [Sun, 15 Jul 2012 17:31:45 +0000]
Chop out crap that is not needed
Gerda Shank [Fri, 25 May 2012 18:24:28 +0000]
add some tests to t/cat_test.t
Gerda Shank [Fri, 25 May 2012 17:53:09 +0000]
expand t/cat_test.t to test session with authentication
Tomas Doran [Fri, 25 May 2012 13:49:33 +0000]
Revert "Move call to _save_session_expires to finalize_session"
This reverts commit
94222de2be3cabb5236edfd948be1dea662e7a43.
Tomas Doran [Tue, 24 Apr 2012 09:33:54 +0000]
Fix VERSIOON, eugh
Tomas Doran [Tue, 24 Apr 2012 08:14:37 +0000]
Skip MYMETA.json
Tomas Doran [Tue, 24 Apr 2012 08:13:49 +0000]
Version 0.35
Tomas Doran [Tue, 24 Apr 2012 08:09:45 +0000]
Changelog
Tomas Doran [Tue, 24 Apr 2012 08:08:48 +0000]
Fix Pod coverage
Tomas Doran [Tue, 24 Apr 2012 07:40:06 +0000]
Make author tests properly author only
Tomas Doran [Tue, 24 Apr 2012 07:36:23 +0000]
Ignore MYMETA
Tomas Doran [Tue, 24 Apr 2012 07:34:16 +0000]
Skip test if we don't have the cookie state module yet
Gerda Shank [Mon, 23 Apr 2012 17:40:59 +0000]
tweak doc for 'change_session_expires'
Gerda Shank [Mon, 23 Apr 2012 17:11:29 +0000]
implement 'change_session_expires'
Dimitar Petrov [Mon, 23 Apr 2012 14:38:57 +0000]
add test for extend_session_expires
Gerda Shank [Mon, 23 Apr 2012 14:26:35 +0000]
call 'extend_session_expires' in 'session_expires'
Devin Austin [Fri, 30 Mar 2012 21:38:50 +0000]
updated changes
Devin Austin [Fri, 30 Mar 2012 21:32:41 +0000]
Merge branch 'master' into tags/0.32
Devin Austin [Fri, 30 Mar 2012 21:20:57 +0000]
updated git repo metadata
Devin Austin [Fri, 30 Mar 2012 21:00:38 +0000]
updated Changes and bumped version
Devin Austin [Fri, 30 Mar 2012 20:57:14 +0000]
removed trailing hatespace
Devin Austin [Fri, 30 Mar 2012 20:37:49 +0000]
tooting my own horn, added myself to contributors section
Devin Austin [Fri, 30 Mar 2012 20:32:41 +0000]
tests pass for address change test per https://rt.cpan.org/Public/Bug/Display.html?id=71142#txn-1001261
Tomas Doran [Thu, 8 Mar 2012 16:27:11 +0000]
Version 0.33
Tomas Doran [Tue, 31 Jan 2012 09:20:02 +0000]
Clarify the comment here, it was causing confusion
Dimitar Petrov [Mon, 8 Aug 2011 07:58:42 +0000]
fix extend_session_expires to extend the current session (RT#59595)
Stefan Seifert [Thu, 30 Jun 2011 13:24:10 +0000]
Move call to _save_session_expires to finalize_session
_save_session_expires got called in finalize_header, because it
implicitly also extends the session expiry which in turn influences a
possible session cookie which has to be finalized before finalizing
headers.
This patch moves the call to _save_session_expires to finalize_session
with the rest of the _save_* calls and only leaves updating the
session_expiry in finalize_header. This is needed as base for a patch to
Catalyst::Plugin::SubRequest which will allow starting new sessions from
within a subrequest.
Tomas Doran [Wed, 8 Jun 2011 12:05:10 +0000]
Add MYMETA to yaml
Jens Gassmann [Wed, 8 Jun 2011 11:55:43 +0000]
Checking in changes prior to tagging of version 0.32.
Changelog diff is:
Index: Changes
===================================================================
?\027[1;31m--- Changes (Revision 14032)?\027[0;0m
?\027[1;34m+++ Changes (Arbeitskopie)?\027[0;0m
?\027[1;35m@@ -1,5 +1,8 @@?\027[0;0m
?\027[0;0m Revision history for Perl extension Catalyst::Plugin::Session?\027[0;0m
?\027[0;0m ?\027[0;0m
?\027[1;34m+0.32 2011-06-08?\027[0;0m
?\027[1;34m+ - Fix handling with enables verify_address and add related test?\027[0;0m
?\027[1;34m+?\027[0;0m
?\027[0;0m 0.31 2010-10-08?\027[0;0m
?\027[0;0m - Fix session being loaded by call to dump_these in debug mode?\027[0;0m
?\027[0;0m (RT#58856)?\027[0;0m
Jens Gassmann [Wed, 8 Jun 2011 11:43:18 +0000]
Test for verify address and fix reset __address
Tomas Doran [Fri, 8 Oct 2010 14:29:31 +0000]
Version 0.31
Tomas Doran [Fri, 8 Oct 2010 14:26:03 +0000]
Back out, breaks shit
Tomas Doran [Fri, 8 Oct 2010 14:19:05 +0000]
Optimisation - only save session if data added by application
Tomas Doran [Mon, 19 Jul 2010 19:21:29 +0000]
Fix RT#58856
Antony Gelberg [Tue, 29 Jun 2010 14:06:15 +0000]
Fix over-long example of forever session.
Tomas Doran [Thu, 24 Jun 2010 12:53:12 +0000]
Checking in changes prior to tagging of version 0.30. Changelog diff is:
Index: Changes
===================================================================
--- Changes (revision 13365)
+++ Changes (working copy)
@@ -1,6 +1,6 @@
Revision history for Perl extension Catalyst::Plugin::Session
-0.30 TO BE RELEASED
+0.30 2010-06-24
- Fix Makefile.PL's is_upgrading_needed() routine (RT #58771)
0.29 2009-11-04
Brian Cassidy [Thu, 24 Jun 2010 12:43:10 +0000]
Fix Makefile.PL's is_upgrading_needed() routine (RT #58771)
Tomas Doran [Wed, 16 Jun 2010 17:39:54 +0000]
Clarify docs
Jonathan Yu [Mon, 15 Feb 2010 23:45:45 +0000]
requred -> required, begining -> beginning
Tomas Doran [Wed, 4 Nov 2009 22:58:30 +0000]
Bump versions
Tomas Doran [Wed, 4 Nov 2009 22:51:57 +0000]
Small cleanups
Tomas Doran [Wed, 4 Nov 2009 22:47:29 +0000]
Changelog
Tomas Doran [Wed, 4 Nov 2009 22:45:01 +0000]
Merge 'session_deleted_bug' into 'trunk'
r11775@t0mlaptop (orig r11740): jsut | 2009-11-04 19:36:52 +0000
Branch to commit failing tests
r11777@t0mlaptop (orig r11742): jsut | 2009-11-04 19:53:19 +0000
Added a failing test for a situation that occurs when you have a cookie for a session that's expired. If you subsequently call 'session_is_valid' in the same request, the newly created session is deleted for being expired, despite the fact it was just created.
r11779@t0mlaptop (orig r11744): jsut | 2009-11-04 21:38:49 +0000
This patch makes it so that the expiry is not looked up in the underlying store when a session has not yet committed to the store.
Probably not the most graceful way to do it, but it works.
Tomas Doran [Wed, 4 Nov 2009 22:42:04 +0000]
Changelog
Tomas Doran [Wed, 4 Nov 2009 22:39:46 +0000]
Merge 'accessor_change' into 'trunk'
r11709@t0mlaptop (orig r11674): hobbs | 2009-10-27 09:29:57 +0000
Once again I fail at branching. Let's put the branch in branches/ shall we?
r11710@t0mlaptop (orig r11675): hobbs | 2009-10-27 09:48:02 +0000
Code, test, docs.
Adam Prime [Wed, 4 Nov 2009 21:38:49 +0000]
This patch makes it so that the expiry is not looked up in the underlying store when a session has not yet committed to the store.
Probably not the most graceful way to do it, but it works.
Adam Prime [Wed, 4 Nov 2009 19:53:19 +0000]
Added a failing test for a situation that occurs when you have a cookie for a session that's expired. If you subsequently call 'session_is_valid' in the same request, the newly created session is deleted for being expired, despite the fact it was just created.
Tomas Doran [Thu, 29 Oct 2009 09:57:58 +0000]
Checking in changes prior to tagging of version 0.28. Changelog diff is:
Tomas Doran [Thu, 29 Oct 2009 09:50:54 +0000]
Fix session fixation tests, kentnl++
Andrew Rodland [Tue, 27 Oct 2009 09:48:02 +0000]
Code, test, docs.
Florian Ragwitz [Thu, 8 Oct 2009 21:36:54 +0000]
Version 0.27.
Florian Ragwitz [Thu, 8 Oct 2009 21:36:49 +0000]
Add .gitignore.
Florian Ragwitz [Thu, 8 Oct 2009 21:36:44 +0000]
Ignore .git from MANIFEST
Tomas Doran [Tue, 6 Oct 2009 08:41:38 +0000]
Bump versions for dev release. Clean up other mentions of config->{session}
Tomas Doran [Tue, 6 Oct 2009 08:36:39 +0000]
Tidy up config namespace and the TestApps
Tomas Doran [Wed, 19 Aug 2009 21:19:59 +0000]
Checking in changes prior to tagging of version 0.26. Changelog diff is:
Index: Changes
===================================================================
--- Changes (revision 11171)
+++ Changes (working copy)
@@ -1,7 +1,9 @@
Revision history for Perl extension Catalyst::Plugin::Session
0.26 2009-08-19
- - Remove Test::MockObject from the test suite as it is full of fail.
+ - Remove Test::MockObject from the test suite as prone to failing on
+ some platforms and perl versions due to it's UNIVERSAL:: package
+ dependencies.
0.25 2009-07-08
- Add the a change_session_id method which can be called after
Tomas Doran [Wed, 19 Aug 2009 21:02:46 +0000]
Checking in changes prior to tagging of version 0.26. Changelog diff is:
Index: Changes
===================================================================
--- Changes (revision 11170)
+++ Changes (working copy)
@@ -1,6 +1,9 @@
Revision history for Perl extension Catalyst::Plugin::Session
-0.25 2009-0708
+0.26 2009-08-19
+ - Remove Test::MockObject from the test suite as it is full of fail.
+
+0.25 2009-07-08
- Add the a change_session_id method which can be called after
authentication to change the user's session cookie whilst preserving
their session data. This can be used to provide protection from
Rafael Kitover [Sat, 25 Jul 2009 11:58:03 +0000]
minor change that unfucks ::State::URI (provided by Helios)
Tomas Doran [Wed, 8 Jul 2009 21:51:19 +0000]
Changelog, attribute kmx, strip trailing whitespace
KMX [Tue, 7 Jul 2009 21:54:46 +0000]
C::P::Session - branche session_fixation: new method change_session_id (incl. doc), new session_fixation tests pass, tested with a real application as well
KMX [Tue, 7 Jul 2009 20:36:10 +0000]
C::P::Session - branche session_fixation: more sophisticated tests for session_fixation
Dan Dascalescu [Tue, 23 Jun 2009 10:06:10 +0000]
Fixed minor grammar in Tutorial.pod
Tomas Doran [Tue, 23 Jun 2009 08:16:31 +0000]
Checking in changes prior to tagging of version 0.24. Changelog diff is:
Index: Changes
===================================================================
--- Changes (revision 10553)
+++ Changes (working copy)
@@ -1,5 +1,11 @@
Revision history for Perl extension Catalyst::Plugin::Session
+0.24 2009-06-23
+ - Be more paranoid about getting values of $c->req to avoid issues
+ with old Test::WWW::Mechanize::Catalyst.
+ - Check we have a modern version of TWMC before doing the tests which
+ need it.
+
0.23 2009-06-16
- Add the verify_user_agent config parameter (kmx)
- Add a test case to prove that logging in with a session cookie still
Tomas Doran [Tue, 16 Jun 2009 19:42:55 +0000]
Checking in changes prior to tagging of version 0.23. Changelog diff is:
Index: Changes
===================================================================
--- Changes (revision 10552)
+++ Changes (working copy)
@@ -1,5 +1,6 @@
Revision history for Perl extension Catalyst::Plugin::Session
+0.23 2009-06-16
- Add the verify_user_agent config parameter (kmx)
- Add a test case to prove that logging in with a session cookie still
causes a new cookie to be issued for you, proving that the code is
Tomas Doran [Tue, 16 Jun 2009 19:34:51 +0000]
Merge verify_user_agent branch
KMX [Tue, 2 Jun 2009 12:41:20 +0000]
C::Plugin::Session - branche for verify_user_agent option
Tomas Doran [Sat, 23 May 2009 11:09:06 +0000]
Add repository resource to all the MI Makefile.PLs
Tomas Doran [Sat, 23 May 2009 11:01:44 +0000]
No session fixation I can see here
Tomas Doran [Wed, 20 May 2009 09:42:31 +0000]
Fix .shipit after the move
Tomas Doran [Wed, 13 May 2009 20:57:29 +0000]
Checking in changes prior to tagging of version 0.22. Changelog diff is:
Index: Changes
===================================================================
--- Changes (revision 10057)
+++ Changes (working copy)
@@ -1,5 +1,17 @@
Revision history for Perl extension Catalyst::Plugin::Session
+0.22 2009-05-13
+ - INSANE HACK to ensure B::Hooks::EndOfScope inlines us a new method right now
+ in Catalyst::Plugin::Session::Test::Store for Catalyst 5.80004 compatibility.
+
+ This change does not in any way affect normal users - it is just due to the
+ fairly crazy way that Catalyst::Plugin::Session::Test::Store works, and that
+ module is _only_ used for unit testing session store plugins pre-installation.
+
+ Session::Test::Store should be replaced with a more sane solution, and other
+ CPAN modules using it moved away from using it, but this change keeps stops
+ new Catalyst breaking other distributions right now.
+
0.21 2009-04-30
- Hide the internal packages in Catalyst::Plugin::Session::Test::Store from PAUSE.
- Convert from CAF to Moose with Moosex::Emulate::Class::Accessor::Fast
Tomas Doran [Thu, 7 May 2009 13:19:53 +0000]
Bump required Module::Install version in everything. janus++
Tomas Doran [Thu, 30 Apr 2009 20:49:18 +0000]
Checking in changes prior to tagging of version 0.21. Changelog diff is:
Index: Changes
===================================================================
--- Changes (revision 9972)
+++ Changes (working copy)
@@ -1,6 +1,6 @@
Revision history for Perl extension Catalyst::Plugin::Session
-0.21 Not released
+0.21 2009-04-30
- Hide the internal packages in Catalyst::Plugin::Session::Test::Store from PAUSE.
- Convert from CAF to Moose with Moosex::Emulate::Class::Accessor::Fast
Peter Karman [Thu, 30 Apr 2009 20:44:21 +0000]
require specific versions
Peter Karman [Thu, 30 Apr 2009 20:43:24 +0000]
require specific versions
Peter Karman [Thu, 30 Apr 2009 20:39:31 +0000]
some helpful diag
projects / catagits/Catalyst-Plugin-Session.git / log