[Koha-bugs] [Bug 29915] Anonymous session generates 1 new session ID per hit
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Mar 24 09:43:18 CET 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29915
Marcel de Rooy <m.de.rooy at rijksmuseum.nl> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #132101|0 |1
is obsolete| |
--- Comment #121 from Marcel de Rooy <m.de.rooy at rijksmuseum.nl> ---
Created attachment 132104
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=132104&action=edit
Bug 29915: Prevent bad cookie from corrupted session
If there is deleted session info but no session->id, a wrong cookie
with empty name could be generated containing expired session id.
Test plan:
Run t/db_dependent/Auth.t
Login. Check cookies in browser.
Logout. Check cookies in browser.
Without this patch, you should see an invalid cookie.
Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list