Closed
Bug 507756
Opened 15 years ago
Closed 15 years ago
getpersonas.com and www.getpersonas.com don't share PERSONA_USER cookie
Categories
(Websites Graveyard :: getpersonas.com, defect)
Websites Graveyard
getpersonas.com
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: myk, Assigned: zandr)
References
Details
getpersonas.com and www.getpersonas.com don't share the PERSONA_USER cookie they set to specify that a user is signed in, which means that a user can be signed in at one of those domains while not being signed in at the other. That seems like a wonky user experience, and it can make it more cumbersome to implement certain features in the extension (like bug 505846). One fix would be to set a domain cookie (.getpersonas.com) instead of a host cookie (getpersonas.com or www.getpersonas.com). That'll require a change to the way bug 505846 is implemented, although it shouldn't be hard. The simplest fix would be to redirect getpersonas.com to www.getpersonas.com. Then the client code can assume that users are always on www.getpersonas.com when they authenticate and access the cookie only from that host.
Comment 1•15 years ago
|
||
I vote for redirection.
Assignee | ||
Comment 3•15 years ago
|
||
OK, this is fixed with a TrafficScript that 301s to www.getpersonas.com
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Comment 4•15 years ago
|
||
Verified, FIXED. getpersonas.com get redirected to www.getpersonas.com Verified on Mac/Win/Linux
Status: RESOLVED → VERIFIED
Updated•11 years ago
|
Product: Websites → Websites Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•