#5782: Auth.redirect session value lost when linking from external site.
-----------------------------------------------------+----------------------
Reporter: pearj | Owner:
Type: Bug | Status: new
Priority: Medium | Milestone: 1.2.x.x
Component: General | Version: RC3
Severity: Normal | Resolution:
Keywords: session login Auth.redirect external | Php_version: PHP 5
Cake_version: |
-----------------------------------------------------+----------------------
Comment (by pearj):
For a work around you can add this before session_start in
CakeSession::__startSession()
ini_set('session.referer_check', env('HTTP_REFERER'));
I don't think this is a particularly good idea to disable to http referer
session checking, but it fixed my immediate problem temporarily.
Oh, it looks like the referer check is by design in cakephp, I can see it
in __initSession()
{{{
switch($this->security) {
case 'high':
$this->cookieLifeTime = 0;
if ($ini_set) {
ini_set('session.referer_check', $this->host);
}
break;
case 'medium':
$this->cookieLifeTime = 7 * 86400;
if ($ini_set) {
ini_set('session.referer_check', $this->host);
}
break;
case 'low':
default:
$this->cookieLifeTime = 788940000;
break;
}
}}}
Hmm it seems odd to break the login process like that, to me at least.
--
Ticket URL: <https://trac.cakephp.org/ticket/5782#comment:4>
CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/>
Cake is a rapid development framework for PHP which uses commonly known design
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC.
Our primary goal is to provide a structured framework that enables PHP users at
all levels to rapidly develop robust web applications, without any loss to
flexibility.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"tickets cakephp" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/tickets-cakephp?hl=en
-~----------~----~----~----~------~----~------~--~---