Summary | cookie does not set path information and http status codes are wrong |
Queue | Horde Groupware |
Queue Version | 4.0.8 |
Type | Bug |
State | No Feedback |
Priority | 2. Medium |
Owners | |
Requester | best (at) univention (dot) de |
Created | 10/18/2012 (4620 days ago) |
Due | |
Updated | 11/26/2012 (4581 days ago) |
Assigned | 10/18/2012 (4620 days ago) |
Resolved | 11/26/2012 (4581 days ago) |
Github Issue Link | |
Github Pull Request | |
Milestone | |
Patch | No |
State ⇒ Feedback
sent to every part of the domain. This causes the abbility to steal
my login for other users of the server.
I am not able to see if login was successfull because even on login
failure there is sent a 200 OK response code.
Priority ⇒ 2. Medium
Patch ⇒ No
Milestone ⇒
Queue ⇒ Horde Groupware
Summary ⇒ cookie does not set path information and http status codes are wrong
Type ⇒ Bug
State ⇒ Unconfirmed
sent to every part of the domain. This causes the abbility to steal my
login for other users of the server.
Also on logout the cookie is not destroyed.
And Horde does not use HTTP properly as defined in RFC 2616.
I am not able to see if login was successfull because even on login
failure there is sent a 200 OK response code.
i would like to see changes in horde 4.0.9