On Fri, 2008-05-30 at 23:39 -0400, Joey Hess wrote: > Ernesto Hernández-Novich wrote: > > Does not work if I set > > > > anonok => 0 > > httpauth => 1 > > Ok, I've finally managed to reproduce your problem. > > And it is a cookie problem. Since httpauth avoids the need to log in, > the login cookie is never set, so the session id varies every time. The > recent security fix exposed this latent bug, which was fixed a long time > ago in newer versions of ikiwiki. > > It may take a while for the security team to get a fixed version, in the > meantime, I've attached a patch.
I've just installed the patch from Security and everything seems to be working fine in the three sites I run with ikiwiki, so I believe the problem has been solved. Thank you for your time. -- Prof. Ernesto Hernández-Novich - MYS-220C Geek by nature, Linux by choice, Debian of course. If you can't aptitude it, it isn't useful or doesn't exist. GPG Key Fingerprint = 438C 49A2 A8C7 E7D7 1500 C507 96D6 A3D6 2F4C 85E3 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
