Closed
Bug 297763
Opened 19 years ago
Closed 19 years ago
sessions still exist in new windows
Categories
(SeaMonkey :: Security, defect)
SeaMonkey
Security
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 117222
People
(Reporter: pumuckly, Assigned: dveditz)
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; hu-HU; rv:1.7.8) Gecko/20050511 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; hu-HU; rv:1.7.8) Gecko/20050511 I open URL which use session. After when I close that window, the cookie still exist while I don't close all mozilla applications! In Internet Explorer the cookies still opened only for the child windows, but the outer windows couldn't acces the session cookies. For example: - If I open a new IE browser (from "Start menu" or desktop) the another window's session cookies couldn't accessable. But! If I open a new window from exist browser's window (Ctrl+N, popup window, frames), the new window inherit the session. - Another side: In Mozilla the new window allways inherited the session cookies from all opened windows, don't seperate the sessions! Reproducible: Always Steps to Reproduce: 1. Open a new browser-window (from Start menu) and Open any URL wich use session and login to site. 2. Open another browser-window (from Start menu) and open another URL. 3. Close first window. 4. Open 3rd browser-window (from Start menu) and open the URL which use first window. Actual Results: In the 3rd browser-window the user still logged in to the site! In the internet coffee-s (or "one computer for lot's people" style workplace, internet access point, etc.) this is big security hole, because not enough to close used browser-windows, must be close all mozzila application (mail, browser, calendar, composer). Expected Results: The "session-inherit" must work only the child-opened windows (ie. new tab, popup windows, frames, iframes), but the "master-opened" windows (from start menu) don't inherited the previously opened windows sessions.
Comment 1•19 years ago
|
||
duplicate of old bug that's not security sensitive. clearing flag. *** This bug has been marked as a duplicate of 117222 ***
Group: security
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Updated•19 years ago
|
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•