Closed
Bug 130386
Opened 22 years ago
Closed 22 years ago
tabbed browsing causes PHP session conflict
Categories
(SeaMonkey :: Tabbed Browser, defect)
Tracking
(Not tracked)
VERIFIED
INVALID
People
(Reporter: unit3, Assigned: jag+mozilla)
Details
This seems like a related problem to bug 101723, it looks like the cookie space across all tabs is shared, and this causes problems if 2+ pages from the same server attempt to use PHP sessions. It looks like since PHP sessions use the same cookie name by default, only distinguished by domain, the second session to become active will overwrite the first, effectively logging the user out of the first session. I stumbled across this by having a tab logged into Gallery (gallery.sourceforge.net) on my server, and then opening another tab and logging into Squirrel Mail (http://www.squirrelmail.org/) on the same server. When I returned to the Gallery tab, I had apparently been logged out (really, I had just lost the PHP session cookie value holding my login). So, a somewhat rare occurance, and difficult for others to verify, but I have consistantly reproduced on both 0.98 and 0.99 (202031104) under Win2k.
Assignee | ||
Comment 1•22 years ago
|
||
Correct me if I'm wrong, but won't the same problem occur if you do this with two windows instead of two tabs (please do test/confirm this assertion)? The browser as a whole "shares a cookie space", necessarily so, e.g. to allow you to log into slashdot in one window, and be able to go there in another window without having to log in again. If anything, this is a problem with the services you're using. Suggested resolution: invalid.
Reporter | ||
Comment 2•22 years ago
|
||
Hrm, you're correct, the same problem is exhibited in two seperate windows. I assumed that each window kept track of "expire at end of session" cookies seperately so that this problem wouldn't occur, but that doesn't seem to be the case. So, I'll go with your resolution, unless someone feels like implementing seperate track of session-only cookies in each window/tab. ;)
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → INVALID
Comment 3•22 years ago
|
||
mass-verification of Invalid bugs. if you don't think the report is invalid, please check to see if it has already been reported (it might be a duplicate instead). otherwise, make sure that there are steps (a valid test case) that clearly display the issue as an unexpected defect. mail filter string for bugspam: SequoiadendronGiganteum
Status: RESOLVED → VERIFIED
Updated•16 years ago
|
Product: Core → SeaMonkey
You need to log in
before you can comment on or make changes to this bug.
Description
•