Using (remove-session) and (start-session) for the same request?

[myrkraverk]

Hi,

I've attempted to start a new session for a GET request, to have a clean session environment for the following POST, by having (remove-session) followed by (start-session). This works sometimes. I'm not exactly sure what the problem is.

The upshot is that the code seems to work now and then. As far as I can tell, if the server sends set-cookie: hunchentoot-session=deleted and so forth, the session will not work, but when not present -- presumably if there was no session in the first place -- it works, and I have a session with all the relevant session-values for the following POST.

Is there a way to make this work? Or will have to do something else?

[stassats]

If you apply the following, does it work?
x.patch

[myrkraverk]

Seems so. It always happened sometimes, so I never had a surefire way to trigger it. However, it happened sort of predictably by repeated GET, POST cycles, and now it doesn't.

Thank you.

[stassats]

I'm not sure this patch can be applied without breaking some existing workflow. So, I guess you can do (setf (session *request*) nil) yourself.

[myrkraverk]

How exactly would that work? Forgive me for not comprehending exactly how the patch works, even though I reviewed it.

Is it a sequence of

  (remove-session)
  (setf (session *request*) nil)
  (start-session)

in the easy-handler?

[stassats]

Yes.