Closed
Bug 222779
Opened 21 years ago
Closed 17 years ago
frames and You are not authorized to access ... not remembering user login either
Categories
(Bugzilla :: Bugzilla-General, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: jpyeron, Unassigned)
Details
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.0.3705; .NET CLR 1.1.4322) Build Identifier: ie 6.0 I have sever bz links in my javadoc (which use frames) on my local disk (c:\projects...) I load up the html, click a bz link it burps that I am required to login (we have groups enabled, more if needed) so I login, then it drops me on the query page ???? so i put the bug number in back to start ... but if I choose open link in new window (my login is still remembered) the bug shows up. Reproducible: Always Steps to Reproduce:
Comment 1•21 years ago
|
||
Bugzilla doesn't really have a way to know if it's inside a frame or not. That sounds like a bug in your browser if it's not delivering an existing cookie to a page opened inside a frame...
Reporter | ||
Comment 2•21 years ago
|
||
(yes I assumed that, I guess I should of explicitly stated it) but it is an issue all the same. is it worth looking into how IE delivers cookies from inside frames?
Comment 3•21 years ago
|
||
Yeah, if we can find a way to work around it, there's no reason not to. Or at least document what needs to happen if it's something the user has to change on their end. I have a feeling it's probably related to security settings... Mozilla prevents javascript from accessing the contents or properties of a subframe that has loaded a document from a different hostname than the one the parent frame loaded from. Perhaps IE doesn't have that restriction, and thus prevents sending cookies as an alternate way to stop the parent javascript from accessing cookies from another site.
Reporter | ||
Comment 4•21 years ago
|
||
some googling... http://support.microsoft.com/support/kb/articles/Q182/5/69.ASP http://216.239.41.104/search? q=cache:rIN3lFNTwrsJ:pub80.ezboard.com/fcafepressstoreownersforumfrm24.showMessa ge%3FtopicID%3D5.topic+IE+cookies+frames&hl=en&lr=lang_en&ie=UTF-8 http://pub80.ezboard.com/fcafepressstoreownersforumfrm24.showMessage? topicID=5.topic
Comment 5•20 years ago
|
||
We put a bugzilla 2.16.5 link into a frame and when people do anything they have to login again. Take it out of the frame and it works fine. The two people reporting this are on MSIE. I'm on Mozilla and I haven't see it yet.
Reporter | ||
Comment 6•20 years ago
|
||
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q283185 http://www.w3.org/P3P/ http://p3ptoolbox.org/guide/ http://www.w3.org/TR/p3pdeployment in short, if the domain does not match, or esp if the frames are c:\whatever and bz is bz.domain.com you need to add bz.domain.com to your less secure/trusted sites in IE.
Comment 7•19 years ago
|
||
Reassigning bugs that I'm not actively working on to the default component owner in order to try to make some sanity out of my personal buglist. This doesn't mean the bug isn't being dealt with, just that I'm not the one doing it. If you are dealing with this bug, please assign it to yourself.
Assignee: justdave → general
QA Contact: mattyt-bugzilla → default-qa
Reporter | ||
Comment 8•19 years ago
|
||
I alway like to bugzilla as target="_top", which removes the frames, how about a refresh link, to do the same on the error message based on the refer header?
Comment 9•17 years ago
|
||
(In reply to comment #3) > I have a feeling it's probably related to security settings... Mozilla > prevents javascript from accessing the contents or properties of a subframe that > has loaded a document from a different hostname than the one the parent frame > loaded from. Yes, correct. And I think that's a good reason to not try to work around this.
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•