Session timeout, has to be top priority!!!

Martin Marques martin at bugs.unl.edu.ar
Fri Sep 8 16:29:38 CEST 2006


On Fri, 8 Sep 2006, Thomas Brüderli wrote:
> Martin Marques wrote:
>>
>> Besides the draft saving, could this also happen when deleting lots of
>> mails, one at a time? Like hitting constantly the delete botton?
>
> Could be. It actually can happen when there are concurrent requests and
> one of them gets a new cookie value. To prevent problems here, the "old"
> cookie will still be accepted as well in revision 338.

Doesn't this reopen the security problem related to autentication cookie?

--
  21:50:04 up 2 days,  9:07,  0 users,  load average: 0.92, 0.37, 0.18
---------------------------------------------------------
Lic. Martín Marqués         |   SELECT 'mmarques' ||
Centro de Telemática        |       '@' || 'unl.edu.ar';
Universidad Nacional        |   DBA, Programador,
     del Litoral             |   Administrador
---------------------------------------------------------


More information about the Dev mailing list