[sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org

savannah-hackers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org

From:	anonymous
Subject:	[sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org
Date:	Wed, 22 May 2024 17:48:41 -0400 (EDT)

Follow-up Comment #9, sr #111062 (group administration):

[comment #6 comment #6:]
> My cookies:
> 
> savannah.nongnu.org
> 
> SV_THEME=Savannah
> redirect_to_https=1
> session_hash=(something)
> session_uid=(something)
> 
> All cookies are HttpOnly.   Session_hash and session_uid are marked
“secure”.  All are in domain “savannah.nongnu.org”.
> 
> 
> savannah.gnu.org
> 
> No SV_THEME cookie.
> redirect_to_https=1 |(domain=savannah.gnu.org)
> session_hash=(something)  (domain=savannah.gnu.org)
> session_hash=(something else) (domain=.savannah.gnu.org)
> session_uid=(something) (somain=savannah.gnu.org)
> session_uid=(the same value) (domain=.savannah.gnu.org)
> 
> All cookies are HttpOnly.   Session_hash and session_uid are marked
“secure”. Not all in the same domain.
> 
> 
> 

[comment #8 comment #8:]
> Thank you, now I can reproduce this.
> 
> [comment #6 comment #6:]
> > session_hash=(something else) (domain=.savannah.gnu.org)
> ...
> > session_uid=(the same value) (domain=.savannah.gnu.org)
> 
> It turns out that these stale cookies override the new ones; I've added some
code to remove them.
> 
> Let us see if other people are affected by other bugs.

[comment #6 comment #6:]
> My cookies:
> 
> savannah.nongnu.org
> 
> SV_THEME=Savannah
> redirect_to_https=1
> session_hash=(something)
> session_uid=(something)
> 
> All cookies are HttpOnly.   Session_hash and session_uid are marked
“secure”.  All are in domain “savannah.nongnu.org”.
> 
> 
> savannah.gnu.org
> 
> No SV_THEME cookie.
> redirect_to_https=1 |(domain=savannah.gnu.org)
> session_hash=(something)  (domain=savannah.gnu.org)
> session_hash=(something else) (domain=.savannah.gnu.org)
> session_uid=(something) (somain=savannah.gnu.org)
> session_uid=(the same value) (domain=.savannah.gnu.org)
> 
> All cookies are HttpOnly.   Session_hash and session_uid are marked
“secure”. Not all in the same domain.
> 
> 
> 


    _______________________________________________________

Reply to this item at:

  <https://savannah.nongnu.org/support/?111062>

_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, James Youngman, 2024/05/07
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Ineiev, 2024/05/08
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, James Youngman, 2024/05/09
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Ineiev, 2024/05/10
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Bob Proulx, 2024/05/10
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Jing Luo, 2024/05/10
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Ineiev, 2024/05/11
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, James Youngman, 2024/05/11
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, James Youngman, 2024/05/11
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, Ineiev, 2024/05/11
- [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org, anonymous <=

Prev by Date: [sr #106712] accepting follow-ups by email
Previous by thread: [sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org
Next by thread: [sr #111064] Making 'main' the default branch in skribilo.git
Index(es):
- Date
- Thread