#10029: make cookies more secure
-------------------------+--------------------------------------------------
Reporter: jason | Owner: jason, was
Type: defect | Status: needs_work
Priority: major | Milestone:
Component: notebook | Keywords:
Author: Tim Dumol | Upstream: N/A
Reviewer: | Merged:
Work_issues: |
-------------------------+--------------------------------------------------
Comment(by jason):
Here is the bug report (repeated on this ticket for clarity and
completeness)
I installed this on my server (4.5.2) where I have apache forwarding port
80 (outside) to port 8000 (the local sage server). On logging in, I get a
browser message: "Please enable cookies or delete all Sage cookies and
localhost cookies in your browser and try again." In Firebug, I see I have
two cookies: {{{cookie_test_80}}}, and nb_session_8000}}}. That looks
wrong, doesn't it?
When I delete all of my cookies from that server, I still can't log in
(same error). After the error page comes up, and I click "Continue", I see
the {{{cookie_test_80}}} cookie show up in FireCookies?.
Before the patch, I see a {{{cookie_test_8000}}} and a
{{{nb_session_8000}}} cookie. So maybe the problem is that after the patch
above, we have a {{{cookie_test_80}}} cookie.
--
Ticket URL: <http://trac.sagemath.org/sage_trac/ticket/10029#comment:3>
Sage <http://www.sagemath.org>
Sage: Creating a Viable Open Source Alternative to Magma, Maple, Mathematica,
and MATLAB
--
You received this message because you are subscribed to the Google Groups
"sage-trac" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/sage-trac?hl=en.
