Closed
Bug 18331
Opened 25 years ago
Closed 25 years ago
Random login failures at etrade
Categories
(Core :: Networking, defect, P3)
Tracking
()
M12
People
(Reporter: jevering, Assigned: jud)
References
()
Details
1) go to www.etrade.com
2) login to account
3) if login is successfull, exit browser
4) reload browser and repeat login
You will get a "You are tring to logon with a page from the browser's cache"
error from etrade... and you cannot login.
Updated•25 years ago
|
Assignee: warren → valeski
Comment 4•25 years ago
|
||
This bug is very sporadic, I cannot create a set of reproducible steps, I wonder
if somehow e*trade maintains a session or a record of your login after you have
shutdown causing the seemingly randomness.
A few times I was able to make it fail by creating a new profile and then
attempting to login, then after a restart things were okay, which was possibly
due to an empty cookies file? But then I create a new profile and logged in
first time, so I basically have no clue.
Assigning to jud, he wanted this bug. added warren to cc: in case he is still
interested
Assignee | ||
Updated•25 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 5•25 years ago
|
||
I've been debugging this for hours... No luck. We're sending the same HTTP
headers for successful logins as we are for unsuccessful. I think this is
boiling down to some kind of form posting bug. Etrade sticks a hidden session_id
field in the form for posting, they also set a session id cookie. I think
they're using the two in combination to "determine" whether you're trying to
login from a cached page (which would be bad from their perspective). Both id's
are cryptic, but probably maintain some time interval, date, true tracking ID
and other cruft. BUUUTTT, this doesn't seem to make sense considering a login
can fail given a fresh profile (i.e. no knowledge on the lcient's part about
cookies to set, or form fields). hmmm
Assignee | ||
Comment 6•25 years ago
|
||
no we're getting somewhere. when accessing the href of hte Log On image on the
front page (www.etrade.com) with 4.x, I get login failures, everytime. The url
is: https://trading.etrade.com/cgi-bin/gx.cgi/AppLogic+Loginpage
Assignee | ||
Comment 7•25 years ago
|
||
I'm getting the same behavior just noted in 5.0.
Note: etrade does *not* require cookies to operate. Under 4.x I can navigate
etrade w/ out incident with cookies disabled.
Assignee | ||
Updated•25 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → DUPLICATE
Assignee | ||
Comment 8•25 years ago
|
||
Got it! Etrade is playing *every* trick in the book in order to ensure you can
login, regardless of whether or not you have cookies enabled. They use a
combination of hidden form elements and cookies to set session ids. All this
seems to be on the up-and-up. I hard coded a referer: header to the etrade url
that shows up in the url bar after loading www.etrade.com (just to feed it
something it would recognize) and guess what... Mikey likes it.
*** This bug has been marked as a duplicate of 1582 ***
Bulk move of all Necko (to be deleted component) bugs to new Networking
component.
Updated•25 years ago
|
Status: RESOLVED → VERIFIED
Comment 10•25 years ago
|
||
[bugday] interesting investigation. verified duplicity.
You need to log in
before you can comment on or make changes to this bug.
Description
•