[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org
From: |
anonymous |
Subject: |
[sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org |
Date: |
Wed, 22 May 2024 17:48:41 -0400 (EDT) |
Follow-up Comment #9, sr #111062 (group administration):
[comment #6 comment #6:]
> My cookies:
>
> savannah.nongnu.org
>
> SV_THEME=Savannah
> redirect_to_https=1
> session_hash=(something)
> session_uid=(something)
>
> All cookies are HttpOnly. Session_hash and session_uid are marked
“secure”. All are in domain “savannah.nongnu.org”.
>
>
> savannah.gnu.org
>
> No SV_THEME cookie.
> redirect_to_https=1 |(domain=savannah.gnu.org)
> session_hash=(something) (domain=savannah.gnu.org)
> session_hash=(something else) (domain=.savannah.gnu.org)
> session_uid=(something) (somain=savannah.gnu.org)
> session_uid=(the same value) (domain=.savannah.gnu.org)
>
> All cookies are HttpOnly. Session_hash and session_uid are marked
“secure”. Not all in the same domain.
>
>
>
[comment #8 comment #8:]
> Thank you, now I can reproduce this.
>
> [comment #6 comment #6:]
> > session_hash=(something else) (domain=.savannah.gnu.org)
> ...
> > session_uid=(the same value) (domain=.savannah.gnu.org)
>
> It turns out that these stale cookies override the new ones; I've added some
code to remove them.
>
> Let us see if other people are affected by other bugs.
[comment #6 comment #6:]
> My cookies:
>
> savannah.nongnu.org
>
> SV_THEME=Savannah
> redirect_to_https=1
> session_hash=(something)
> session_uid=(something)
>
> All cookies are HttpOnly. Session_hash and session_uid are marked
“secure”. All are in domain “savannah.nongnu.org”.
>
>
> savannah.gnu.org
>
> No SV_THEME cookie.
> redirect_to_https=1 |(domain=savannah.gnu.org)
> session_hash=(something) (domain=savannah.gnu.org)
> session_hash=(something else) (domain=.savannah.gnu.org)
> session_uid=(something) (somain=savannah.gnu.org)
> session_uid=(the same value) (domain=.savannah.gnu.org)
>
> All cookies are HttpOnly. Session_hash and session_uid are marked
“secure”. Not all in the same domain.
>
>
>
_______________________________________________________
Reply to this item at:
<https://savannah.nongnu.org/support/?111062>
_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, James Youngman, 2024/05/07
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Ineiev, 2024/05/08
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, James Youngman, 2024/05/09
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Ineiev, 2024/05/10
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Bob Proulx, 2024/05/10
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Jing Luo, 2024/05/10
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Ineiev, 2024/05/11
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, James Youngman, 2024/05/11
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, James Youngman, 2024/05/11
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Ineiev, 2024/05/11
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org,
anonymous <=