[Koha-devel] Crashes on new Opac Recent Searches cookie in older Koha versions
Galen Charlton
gmc at esilibrary.com
Fri Oct 11 21:26:02 CEST 2013
Hi,
On Thu, Oct 10, 2013 at 3:17 AM, Marcel de Rooy <M.de.Rooy at rijksmuseum.nl>wrote:
> Recently two commits were added that move the search history cookie to a
> new format.
>
> **
>
> ** **
>
> commit 961617765ef25bde32cb050ad016f3b063661ef8 (no bug number, from
> Galen)****
>
> commit 488a3d6fed57b4e0d773157ee4a6ab7e4775e7a4 (no bug number, from Galen)
> ****
>
> ** **
>
> I have been looking for these patches on Bugzilla, but I cannot find them.
> Perhaps they are there, but I may have used the wrong search terms.
>
As Katrin pointed out, these were part of bug 10657 for the July security
release. The patches lack a bug number because of a chicken-and-egg
problem, as the bug couldn't be posted before the patches and the release
announcement were.
> These patches have a nasty side-effect. If you use an older Koha version
> and also current master on the same system for testing, the old Koha
> version will stumble over this (shared) cookie:****
>
> ** **
>
> Storable binary image v45.123 more recent than I am (v2.8) at
> /usr/lib64/perl5/Storable.pm line 416, at
> /usr/share/koha/maintclone/C4/Auth.pm line 293.****
>
> ** **
>
> So to overcome this problem, you must delete the KohaOpacRecentSearches
> cookie AND set preference EnableOpacSearchHistory to off in the old system.
> ****
>
> Deleting the search cookie every time, as updated by the master clone, is
> not really an option :)
>
An alternative configuration which may better suit your needs is to use
name-based virtual hosts rather than port-based ones, which will perforce
ensure that the two versions don't share cookies.
> Since I cannot find the bug where this development was documented, I do
> not know if this side-effect was discussed, tested etc. ****
>
> But for changes like this, a question like: Can this change affect older
> Koha versions somehow? would be fine to address at the least..
>
Considering that the security release was made at the end of July, was
targeted at supported *and* unsupported versions, and was heavily
publicized, there is already a fair amount of negative data (in the form of
no new bug reports that include the keyword "storable") that would indicate
that the configuration you use for testing is rarely used by production
sites. However, the existence of this thread will hopefully provide hints
if anybody else does do use this configuration.
Regards,
Galen
--
Galen Charlton
Manager of Implementation
Equinox Software, Inc. / The Open Source Experts
email: gmc at esilibrary.com
direct: +1 770-709-5581
cell: +1 404-984-4366
skype: gmcharlt
web: http://www.esilibrary.com/
Supporting Koha and Evergreen: http://koha-community.org &
http://evergreen-ils.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20131011/6b070359/attachment.html>
More information about the Koha-devel
mailing list