exception under certain conditions #36

lloyd opened this Issue Apr 19, 2013 · 8 comments


None yet

4 participants

lloyd commented Apr 19, 2013

I don't understand what those conditions are yet (guessing it's when a cookie is set and I change the secret??). Here's my cookie:

Name:   session_state
Content:        PkZ1D8OWfcOZNm8BFMOcw4vDgsO0wrk.w4PDllrDl39zCMO9T8OVwpNUwp42woJwE8O6w7VDw5ttw5vClztRQ 8OnNMKVBMOYwqHDh3Zpw4luUsKLw7LDoMKWLMOAw6VKMw.1366288094330.wpfChGVmJhVTNcKQw6sWbcOFwrgqQFNhVB9vR8KWEcO5dcKWw7TDksO3Z8O4
Domain: mozilla.personatest.org
Path:   /
Send for:   Any kind of connection
Accessible to script:   No (HttpOnly)
Created:    Thursday, April 18, 2013 6:28:14 AM
Expires:    Thursday, May 2, 2013 6:28:14 AM

Here's the stack trace:

TypeError: Cannot read property 'content' of undefined
    at Object.Session.unbox (/home/app/code/node_modules/client-sessions/lib/client-sessions.js:202:24)
    at Object.Session.loadFromCookie (/home/app/code/node_modules/client-    sessions/lib/client-sessions.js:229:12)
    at Object.Session.monitor.sessionHandler.get (   (/home/app/code/node_modules/client-sessions/lib/client-sessions.js:262:37)
    at Object.module.exports [as handle]  (/home/app/code/node_modules/express/node_modules/connect/lib/middleware/csrf.js:77:28)
    at next (/home/app/code/node_modules/express/node_modules/connect/lib/http.js:204:15)
    at Object.cookieSession [as handle] (/home/app/code/node_modules/client-sessions/lib/client-sessions.js:345:5)
    at next (/home/app/code/node_modules/express/node_modules/connect/lib/http.js:204:15)
    at Object.methodOverride [as handle] (/home/app/code/node_modules/express/node_modules/connect/lib/middleware/methodOverride.js:35:5)
    at next (/home/app/code/node_modules/express/node_modules/connect/lib/http.js:204:15)
    at Object.bodyParser [as handle] (/home/app/code/node_modules/express/node_modules/connect/lib/middleware/bodyParser.js:88:61)
@lloyd lloyd added a commit to lloyd/mozilla-idp that referenced this issue Apr 19, 2013
@lloyd lloyd downgrade client-sessions to escape mozilla/node-client-sessions#36 fe89fe0
pcimino commented May 9, 2013

I'm running into this too. And it began when I started generating the secret key on server start up.

One issue is when decode() runs, it returns null (as it should).
var unboxed = decode(this.opts, content);
The problem occurs a couple of lines down

It appears to be a simple fix but I'm not familiar enough with the code to say this is the only (potential) issue.

After the var unboxed = wrap the remaining code in the function with if (unboxed) {...}

pcimino commented May 9, 2013

Looks like this is fixed:
var unboxed = decode(this.opts, content);
if (!unboxed) return;
But not yet in the NPM module code


Yea, I ran into this while addressing #38, and fixed it while I was in there.

pcimino commented May 13, 2013

What is the cycle to get the current codebase (marked 0.2.0) pushed to the npm module (also marked 0.2.0 in the package.json)?


we poke the module owner, @benadida, to push a new version :D

lloyd commented May 13, 2013

@benadida? @warner? who can tag and push?

@lloyd lloyd added a commit to mozilla/eyedee.me that referenced this issue May 14, 2013
@lloyd lloyd roll back to client-sessions 0.1.0 - see mozilla/node-client-sessions#36
pcimino commented May 15, 2013


On Mon, May 13, 2013 at 7:55 PM, Ben Adida notifications@github.com wrote:

cha-ching: https://npmjs.org/package/client-sessions

Reply to this email directly or view it on GitHubhttps://github.com/mozilla/node-client-sessions/issues/36#issuecomment-17848836

Paul L. Cimino, MS, MBA
Trans Lunar Designs, Inc.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment