Closed Bug 40631 Opened 24 years ago Closed 24 years ago

Bugzilla sets expired password cookies

Categories

(Bugzilla :: Bugzilla-General, defect, P3)

Product:
Bugzilla
Component:
Bugzilla-General
Platform:
Other
Other
Type:
defect

Tracking

()

Status:
VERIFIED INVALID

People

(Reporter: bugzilla, Assigned: justdave)

References

(
URL
)

Details

Though the Bugzilla_login and Bugzilla_logincookie cookies are set with an expiry date of 30-Jun-2029, the Bugzilla_password cookie is set with an expiry date of 30-Jun-80.

Set-Cookie: Bugzilla_login= ; path=/; expires=Sun, 30-Jun-2029 00:00:00 GMT
Set-Cookie: Bugzilla_logincookie= ; path=/; expires=Sun, 30-Jun-2029 00:00:00 GMT
Set-Cookie: Bugzilla_password= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT

I suspect this pre-expired cookie is why, though I have set Opera 4.0 beta 4 to accept cookies from Bugzilla, I nevertheless have to log in again and again before every search and transaction.
Correcting component...

Also, this password is expired on purpose.  You notice it's empty, too.  
Bugzilla no longer stores your password in a cookie.  It sets an expired empty 
cookie with that name in order to clear any existing cookies for the password on 
anyones' system that used it back when Bugzilla did put the password in a 
cookie.
Status: NEW → RESOLVED
Closed: 24 years ago
Component: Bonsai → Bugzilla
Resolution: --- → INVALID
I see, it was intentional.
Status: RESOLVED → VERIFIED
moving to Bugzilla product
reassign to default owner/qa for INVALID/WONTFIX/WORKSFORME/DUPLICATE
Assignee: tara → justdave
Component: Bugzilla → Bugzilla-General
Product: Webtools → Bugzilla
Version: other → unspecified
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.