Hi!
We've had a bit of a problem with the session handling in our somewhat
patched OTRS 1.3.2. The customer logout URL is an external link, and
when people logged out and then back in during the same browser
session, the now invalid session cookie would still be alive. Since
this would never be reset by customer.pl, this caused them to be
redirected back to the login page again and again. The following
patch seems to have fixed the problem, by including the cookie
information in the redirect page, so that the session cookie is
blanked when they log out:
====
Index: Generic.pm
===================================================================
--- Generic.pm (revision 39)
+++ Generic.pm (working copy)
@@ -803,6 +803,7 @@
if ($Param{ExtURL}) {
# external redirect
$Param{Redirect} = $Param{ExtURL};
+ $Param{Cookies} = $Output;
return $Self->Output(TemplateFile => 'Redirect', Data => \%Param);
}
else {
Index: Lite/Redirect.dtl
===================================================================
--- Lite/Redirect.dtl (revision 39)
+++ Lite/Redirect.dtl (working copy)
@@ -14,5 +14,6 @@
Status: 302 Moved
location: $Data{"Redirect"}
X-Powered-By: $Env{"Product"} $Env{"Version"} - Open Ticket Request System
(http://otrs.org)
+$Data{"Cookies"}
document <a href="$Data{"Redirect"}">moved</a>
Index: Standard/Redirect.dtl
===================================================================
--- Standard/Redirect.dtl (revision 39)
+++ Standard/Redirect.dtl (working copy)
@@ -14,5 +14,6 @@
Status: 302 Moved
location: $Data{"Redirect"}
X-Powered-By: $Env{"Product"} $Env{"Version"} - Open Ticket Request System
(http://otrs.org)
+$Data{"Cookies"}
document <a href="$Data{"Redirect"}">moved</a>
====
Regards,
--
Kristoffer.
_______________________________________________
OTRS mailing list: dev - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/dev
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/dev
