It's often convenient to avoid sending the session argument directly and just let the browser do it with a cookie. This patch will set the sessid parameter to the current session ID, if it is not provided in the arguments and a valid session exists.

CommentFileSizeAuthor
services_sessid_cookie.patch651 bytesscottgifford

Comments

marcingy’s picture

marcingy commented

Was out of town at drupalcamp Alberta I'll review sometime this week.

Thanks for your continued flow of patches :)

marcingy’s picture

marcingy commented
Status: Needs review » Fixed

Applied to d5 and 6-x-2-dev. Sorry for the delay but work and life got in the way!!!

scottgifford’s picture

scottgifford commented

Thanks!

marcingy’s picture

marcingy commented
Version: 5.x-0.92 » 6.x-2.x-dev
Status: Fixed » Patch (to be ported)

Need to rework for d6 as logically it was in the wrong place as authenication is now plugable.

Hugo Wetterberg’s picture

Hugo Wetterberg commented
Status: Patch (to be ported) » Closed (works as designed)

This one is tricky as services doesn't make special allowances for key-auth when checking for missing arguments. If the sessid is required, then that's more or less it in my opinion, it should be provided by the caller. If you prefer to use cookies, well, then the sessid param should probably be disabled in the key auth configuration.

/Hugo