On Fri, Dec 5, 2014 at 12:56 PM, David Precious <davidp@preshweb.co.uk> wrote:

On Thu, 4 Dec 2014 13:15:14 +0200
Gabor Szabo <gabor@szabgab.com> wrote:

> Hi,
>
> in a Dancer application I have sessions turned on in config.yml
> If the route calls template(), the session is created and the cookie
> is sent.
[...]
> but I was wondering, is this behavior (that it is template() that
> sets the cookie) on purpose?

Attempting to fetch a session creates one if one doesn't yet exist.

template() calls Dancer::Template::Abstract::_prepare_tokens_options()
which pre-populates the template tokens with some useful information
the template may use, including information about the request, the
Dancer version in use, and - the cause of this behaviour - the session
(so that templates can say e.g. "Hi, [% session.username %]!").

So, yes, it's expected.

There's an argument to be made that creating a session just because you
tried to read from it is sub-optimal, and that the session creation
should be deferred until such time as you try to actually store
something in to it - but that's probably unlikely to change in D1.

Does this behave differently in D2 ?

Would it be possible to add a config option to turn this off in D1?

Gabor