You are viewing a plain text version of this content. The canonical link for it is here.

Posted to infrastructure-issues@apache.org by "Sebb (JIRA)" <ji...@apache.org> on 2008/01/31 22:05:08 UTC

[jira] Closed: (INFRA-1438) Cookie handling causes problems for IE and Opera

     [ https://issues.apache.org/jira/browse/INFRA-1438?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sebb closed INFRA-1438.
-----------------------

    Resolution: Fixed

Sorry, I forgot to close this earlier.

I've tested the updated Wiki cookie handling and all seems fine.

> Cookie handling causes problems for  IE and Opera
> -------------------------------------------------
>
>                 Key: INFRA-1438
>                 URL: https://issues.apache.org/jira/browse/INFRA-1438
>             Project: Infrastructure
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: MoinMoin
>            Reporter: Sebb
>            Priority: Minor
>
> The ASF wikis often have a common prefix, eg
> jakarta
> jakarta-commons
> jakarta-jmeter
> I've found that if one logs into jakarta with  IE or Opera, it's then impossible to login to jakarta-xxx - this seems to be because those browsers match the prefix when deciding to send the cookie.
> Edit: the problem is that the id from the jakarta cookie is assumed to be the id for tha jakarta-xxx wiki - the username is ignored (or at least not used to determine the id) when checking the login password. [Should have made this clear originally, sorry]
> Possible solutions:
> Edit: - ignore cookie when name and password are provided [this should be safe]
> - change cookie to include trailing / [Edit: would still need to deal with slashless cookies, so perhaps not good]
> I'm not particularly familiar with Python, but I may be able to provide patches ...

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.