security::csrf::session_id (private)

 security::csrf::session_id

Defined in packages/acs-tcl/tcl/security-procs.tcl

Return an ID for the current session for CSRF protection

Returns:
session ID

Partial Call Graph (max 5 caller/called nodes):
%3 security::csrf::token security::csrf::token (private) security::csrf::session_id security::csrf::session_id security::csrf::token->security::csrf::session_id ad_conn ad_conn (public) security::csrf::session_id->ad_conn

Testcases:
No testcase defined.
Source code:
        if {![ns_conn isconnected]} {
            #
            # Must be a background job, take the address
            #
            set session_id [ns_info address]
        } elseif {[ad_conn untrusted_user_id] == 0} {
            #
            # Anonymous request, use a peer address as session_id
            #
            set session_id [ad_conn peeraddr]
        } else {
            #
            # User is logged-in, use a session token.
            #
            set session_id [ad_conn session_id]
        }
        return $session_id
Generic XQL file:
packages/acs-tcl/tcl/security-procs.xql

PostgreSQL XQL file:
packages/acs-tcl/tcl/security-procs-postgresql.xql

Oracle XQL file:
packages/acs-tcl/tcl/security-procs-oracle.xql

[ hide source ] | [ make this the default ]
Show another procedure: