Session storage in a cookie silently fails and saves nothing if it can't serialize session

Description

Set session storage to "cookie" in an app and add this code to the page:

session.foo = createObject('java','java.lang.System');

If there is no session cookie already, none will be created. If there is already a session cookie it will not be updated. There are no errors in the web page nor in the logs or any sort. Lucee just silently fails to save the session and swallows any errors so it's impossible to debug.

The example above is very simple. The same happens if the system reference is nested inside of a CFC. This is actually how I found it-- trying to put a CFC in the session scope that ultimately had this reference inside of it. I had to track all the variables down one by one many CFCs deep to finally find the one causing the issue. Any fix to this ticket must include better logging too when things go wrong!

Environment

None

Activity

Michael Offner 
13 January 2020 at 15:37

not sure if that process happens in the same thread…

Details

Assignee

Reporter

Priority

New Issue warning screen

Before you create a new Issue, please post to the mailing list first https://dev.lucee.org

Once the issue has been verified, one of the Lucee team will ask you to file an issue

Created 21 November 2019 at 19:53
Updated 13 September 2020 at 12:12