Hi Christopher, Yup, you are right. I added the bugtrack entry. Thanks.
https://bugs.oxid-esales.com/view.php?id=1429 Regards Tomas Liubinas > -----Original Message----- > From: [email protected] [mailto:dev-general- > [email protected]] On Behalf Of Christopher Simon > Sent: Wednesday, October 28, 2009 8:10 PM > To: [email protected] > Subject: [oxid-dev-general] remoteaccess > > Hi, > > question: why cookie check is performed, if "remoteaccess" param is set? > > the line (oxsession.php 636): > > $blDisableCookieCheck = $myConfig->getConfigParam('blDisableCookieCheck'); > > > should be: > > $blDisableCookieCheck = $myConfig->getConfigParam( > 'blDisableCookieCheck' ) || oxConfig::getParameter("remoteaccess") === > true; > > If you want to "hijack" a session this is nearly neccessary. > _______________________________________________ > dev-general mailing list > [email protected] > http://dir.gmane.org/gmane.comp.php.oxid.general _______________________________________________ dev-general mailing list [email protected] http://dir.gmane.org/gmane.comp.php.oxid.general
