From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.0rc1) Gecko/20020425 BuildID: 0000000000 On the American Airlines website, you can login using your frequent flier account number and password in order to book reservations, view miles, etc. When you login, you input both the id and a password so that you can then visit other sections of the website, during this session, without being prompted again. With Mozilla 1.0rc1, once you're given this login screen, you are seemingly able to login, but any attempts to visit 'restricted' sections of the website are met with the same login screen. Using Netscape 4.76 on Linux and IE 5 on Windows, you get the expected result of not being prompted with this screen. Reproducible: Always Steps to Reproduce: 1. Go to http://www.aa.com/ and press the login button on the top of the screen. 2. Login with your AAdvantage number and password. 3. Attempt to then use the "Reservations" -> "View Reservations" sidebar menu to look at things currently booked. Actual Results: I'm prompted for the same login screen as I saw when I first hit the login button. Expected Results: I would have expected it to do the authorization properly so I could continue on without needing to login to each and every page. This may be difficult to reproduce without an account/AAdvantage number with American. I'm more than happy to help out in any way I can, however.
Josh, what are your cookie settings set to?
Oops, My mistake... they were set for originating site only. All is fine if I just accept all cookies.
Josh, are the hostnames involved actually different? Or are they all www.aa.com?
It's not obvious to me that there's any changing of hostnames from aa.com. Certainly the URL never changes in an obvious way to the user... There may be some redirection behind the scenes that I'm not aware of. Another interesting 'feature' is that when I only accept cookies from the originating site and attempt to enter a restricted section, without having gone through the 'login' button process, I'm prompted by said login screen, can enter my username/password and it works for that one page, but any attempts to visit further pages result in the issue I described: another login screen. This is probably why I didn't think to check my cookies the first time through.
Sounds like something's weird in cookie-land here... :)
Assignee: sgehani → morse
Status: UNCONFIRMED → NEW
Component: XP Apps → Cookies
Ever confirmed: true
QA Contact: paw → tever
I'd tend to agree. There's a strong possibility they have something going on where I'm getting a cookie from something other than aa.com. I'd be more than happy to wipe out cookies and see what I get if you think it'd help.
Although the symptoms are different, the patch just posted to bug 137079 will probably fix this bug as well. Can someone who can reproduce this bug please apply that patch and see if it takes care of this problem.
Status: NEW → ASSIGNED
Keywords: mozilla1.0, nsbeta1
Target Milestone: --- → mozilla1.0
I applied this patch to source I checked out last night. It does indeed seem to fix my issue. My vote is "Ship It."
Depends on: 137079
Being marked fixed since the patch for 137079 is checked in on trunk. However it is not yet fixed on the branch.
Status: ASSIGNED → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → FIXED
verified branch and trunk
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.