Skip to content

v0.5.1 — session cookie fix + deck activation race

Choose a tag to compare

View all tags
@asm0dey asm0dey released this 23 May 15:44
· 22 commits to main since this release
v0.5.1
5f01520

Fixes

  • Session lookup 500 after upgrading to v0.5.0. v0.5.0 moved presenter sessions to Spring Session JDBC. A returning visitor's stale SP_SESSION cookie (an old Tomcat in-memory session id from the pre-session app) was base64-decoded into bytes containing a 0x00, and that NUL was passed into the Postgres WHERE SESSION_ID = ? lookup — throwing invalid byte sequence for encoding "UTF8": 0x00 and returning HTTP 500 on every request that carried such a cookie.

    CachingSessionRepository now ignores a malformed (NUL-bearing) session id and treats it as "no session", so Spring issues a fresh one and replaces the bad cookie on the next response. Affected clients self-heal on their next request — no manual cookie purge or schema change required.

  • Deck slide navigation could clear the active question. When advancing slides quickly, the deck's slide-leave /close (scoped to the question that slide opened) could race past the next slide's /activate and null the active question — the guard was decided on an unlocked read and then closed whatever was active. The conditional close is now applied atomically under the poll-row lock, so it is a true no-op once the active question has moved on.

Upgrade: drop-in over v0.5.0. No migrations, no config changes.

Backend image: ghcr.io/asm0dey/slidev-polls:v0.5.1 · npm: @slidev-polls/*@0.5.1

Full changelog: v0.5.0...v0.5.1

Assets 2
Loading