| Summary | Logout incomplete, leaving non-terminated cookies behind |
| Queue | IMP |
| Queue Version | 4.0.3 |
| Type | Bug |
| State | Not A Bug |
| Priority | 2. Medium |
| Owners | |
| Requester | bink (at) eezi (dot) net (dot) au |
| Created | 11/15/05 (7529 days ago) |
| Due | |
| Updated | 11/17/05 (7527 days ago) |
| Assigned | 11/15/05 (7529 days ago) |
| Resolved | 11/17/05 (7527 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
being created for the wrong subdir on the server. Sorting this has
stopped the problem.
Apologies for drawing on your time, and thanks a lot for all the help.
Great software guys, keep up the good work.
Cheers
Paul
fail. For instance, if a site's session storage were to reset for some
reason, I should be able to login even though I have an existing cookie.
Besides, we set a _new_ session cookie forcibly on login to prevent
session fixation. So something odd is going on for you, either in the
browser (is this consistent on all platforms for you? Have you tested
multiple browser/os combinations?) or the PHP side.
it set, however, upon logout, the system should set the expiry to the
past for the cookie to be removed, regardless of the lifespan
Horde
imp_key
auth_key
Removing the Horde Cookie causes the site to function as expected.
Regards
Paul
State ⇒ Feedback
Priority ⇒ 2. Medium
Type ⇒ Bug
Summary ⇒ Logout incomplete, leaving non-terminated cookies behind
Queue ⇒ IMP
State ⇒ Unconfirmed
process on next attempt. Does not affect ability to login with
standard Imp interface, but will stop login from a custom page.
To reproduce, clear cookies, log into Imp, then log out.
Try to use a post from a separate form (eg on a website front end) the
login will fail. Deleting cookies from the client machine fixes the
issue.
Paul