It seems that the webform module token variables like %session and %cookie no longer work for anonymous users. They used to. Using drupal 6, latest version. Works if logged in though. No caching turned on at all.

Comments

thetrickyt’s picture

thetrickyt commented

I second that - just shows a blank field instead of the default from the Session. Using the same version.

kndr’s picture

kndr
he/him
Primary language Polish
Location Rybnik, Poland
commented

It is very important feature. Look at description in webform.module:

This is disabled by default to prevent user data from being preserved in the anonymous page cache and should only be used in non-cached situations, such as e-mails.

But if you modify webform with my patch you could use %session value since cache is turned off for webforms. Go to http://drupal.org/node/584852#comment-2384082

quicksketch’s picture

quicksketch
he/him
commented
Status: Active » Closed (duplicate)

The presence of %session, %cookie, %post and %server variables caused a security problem, as noted in #604958: %profile and %server default values broken. kndr's patch looks promising though, let's continue over in #584852: Allow anonymous form submissions to be viewed/edited.