[Koha-devel] [Bug 117] Authentication URLs contain failed authentication information
bugzilla-daemon at wilbur.katipo.co.nz
bugzilla-daemon at wilbur.katipo.co.nz
Fri Oct 25 15:05:04 CEST 2002
http://bugs.koha.org/cgi-bin/bugzilla/show_bug.cgi?id=117
tonnesen at cmsd.bc.ca changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From tonnesen at cmsd.bc.ca 2002-10-26 11:04 -------
Fixed, with a bit of a hack. Auth.pm now removes any userid or password
parameters in the URL that it is called with. This isn't necessarily a good
thing. It's possible that a valid form could be filled out, then the timeout
expires before the user hits submit. If the user then fails to login
successfully, any userid or password parameters from that original form will be
blanked out when they user does log in successfully.
This is an awful lot of 'if's but it _could_ happen. :)
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the Koha-devel
mailing list