[LON-CAPA-admin] Any change in loncapa session cookie with version 2.11.3?
raeburn at msu.edu
Fri May 14 20:29:35 EDT 2021
LON-CAPA 2.11.3 includes changes to cookie session handling, including this item, as documented in the release notes:
- Use 'secure' attribute for session cookie on servers using Apache/SSL (i.e., mod_ssl).
The name of the session cookie will differ depending on whether your server is using mod_ssl or not. I recommend using mod_ssl to protect LON-CAPA sessions.
If you currently have read access to the LON-CAPA CVS repository using an ssh key (or a password, for anyone who originally received CVS access prior to 2008), then access the modules/raeburn repository and use the command:
cvs diff -b -r 1.11 -r 1.12 monitor.pl
to see the sort of changes you might want to make to your program.
If you do not have access to the CVS repository, and have questions, contact me off-list.
LON-CAPA Academic Consortium
From: LON-CAPA-admin <lon-capa-admin-bounces at mail.lon-capa.org> on behalf of H.K. Ng via LON-CAPA-admin <lon-capa-admin at mail.lon-capa.org>
Sent: Friday, May 14, 2021 6:59 PM
To: LON-CAPA Admin
Subject: [LON-CAPA-admin] Any change in loncapa session cookie with version 2.11.3?
I have a program that reads the cookie for the loncapa session. It works in version 2.11.2 but it fails in 2.11.3 (at least I think that is what is causing the problem). Is there a change in how the loncapa session is now configured? Thanks.
More information about the LON-CAPA-admin