Hi Andrei, Maybe it is not so prudent to discuss such security issues in public.
This is probably related to caching, most probably in your proxy, but it could be a problem in the server as well. From the perspective of the server, all your requests come from the same origin. I don't know how StHub is implemented in this respect, there could be some logic error somewhere. The thing with proxies is, most people don't have to deal with them, so those problems are not common. And to debug the situation is even harder, because you actually need a proxy. Sven On 05 May 2014, at 11:08, Andrei Chis <[email protected]> wrote: > Hi, > > We are multiple people behind a proxy and are having some strange issues with > logging in to smalltalk hub. > > I can log in successfully but then if my colleagues open their browsers to > log in they are also logged in as me!!!!!! > Furthermore if I open another browser I'm also logged in as me even if that > shouldn't be happening. > It even works if I switch to incognito mode with Chrome !!! > > Me colleagues can see my homepage including all my private projects. The good > part is that they can't edit or change > anything as they get an invalid password error when they try. > > Still this is bad. Has anyone else experienced this? Can it be some caching > issues with the proxy or with smalltalkhub? > > Cheers, > Andrei
