I did some investigating and found out that the POST variables were flat-out missing after running through my mod_ruby authentication handler. I wrote a dummy handler and found that you have to run request.send_http_header before sending the Apache::OK to get the variables to go through. Great, but my real handler was still giving me problems.
It turns out that mod_ruby consumes the header as soon as you do a read of a cookie or a header. For a GET that's not a form, this isn't an issue and you wouldn't notice in most cases. For forms, particularly POST, it's a real problem.
I solved this by doing the following:
- Added request.send_http_header before all my returns
- Used req2 = request.lookup_uri("/known_nonexistent_page") to effectively clone the request.
- Changed my cookie read to point to req2. If you want to read cookies, the cookies will go to this secondary request, so you can read them from there and consume that request while leaving your original one alone.
This seems to have fixed the problem in my tests, and POSTs and file uploads work fine, but I'll know for sure when I roll it out.
No comments:
Post a Comment