[sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org

anonymous Wed, 22 May 2024 14:49:03 -0700

Follow-up Comment #9, sr #111062 (group administration):

[comment #6 comment #6:]
> My cookies:
> 
> savannah.nongnu.org
> 
> SV_THEME=Savannah
> redirect_to_https=1
> session_hash=(something)
> session_uid=(something)
> 
> All cookies are HttpOnly.   Session_hash and session_uid are marked
“secure”.  All are in domain “savannah.nongnu.org”.
> 
> 
> savannah.gnu.org
> 
> No SV_THEME cookie.
> redirect_to_https=1 |(domain=savannah.gnu.org)
> session_hash=(something)  (domain=savannah.gnu.org)
> session_hash=(something else) (domain=.savannah.gnu.org)
> session_uid=(something) (somain=savannah.gnu.org)
> session_uid=(the same value) (domain=.savannah.gnu.org)
> 
> All cookies are HttpOnly.   Session_hash and session_uid are marked
“secure”. Not all in the same domain.
> 
> 
>


[comment #8 comment #8:]
> Thank you, now I can reproduce this.
> 
> [comment #6 comment #6:]
> > session_hash=(something else) (domain=.savannah.gnu.org)
> ...
> > session_uid=(the same value) (domain=.savannah.gnu.org)
> 
> It turns out that these stale cookies override the new ones; I've added some
code to remove them.
> 
> Let us see if other people are affected by other bugs.

[comment #6 comment #6:]
> My cookies:
> 
> savannah.nongnu.org
> 
> SV_THEME=Savannah
> redirect_to_https=1
> session_hash=(something)
> session_uid=(something)
> 
> All cookies are HttpOnly.   Session_hash and session_uid are marked
“secure”.  All are in domain “savannah.nongnu.org”.
> 
> 
> savannah.gnu.org
> 
> No SV_THEME cookie.
> redirect_to_https=1 |(domain=savannah.gnu.org)
> session_hash=(something)  (domain=savannah.gnu.org)
> session_hash=(something else) (domain=.savannah.gnu.org)
> session_uid=(something) (somain=savannah.gnu.org)
> session_uid=(the same value) (domain=.savannah.gnu.org)
> 
> All cookies are HttpOnly.   Session_hash and session_uid are marked
“secure”. Not all in the same domain.
> 
> 
> 


    _______________________________________________________

Reply to this item at:

  <https://savannah.nongnu.org/support/?111062>

_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/

[sr #111062] Can log into savannah.nongnu.org but not savannah.gnu.org

Reply via email to