Loses information (session?) when browsing.

0 like
Like it!

Thursday 21 August 2003 4:55:56 am - 2 replies

2 replies

Author	Message
Jan Borsodi	Monday 25 August 2003 5:25:45 am My guess is this issue: Transparent session ID support exposes PHP to cross-site-scripting attacks. This is required for eZ publish to work properly with session if the cookie are not set in your browser. Also eZ publish escapes the session key so it's not possible to hack your site if transparent sessions are on. You should see if a cookie has been made in your browser, if not it won't know the session id from one page load to another. -- Amos Documentation: http://ez.no/ez_publish/documentation FAQ: http://ez.no/ez_publish/documentation/faq
Robin Sørlie	Tuesday 26 August 2003 8:02:44 pm Thx for your reply. Guess you're right, no cookies is saved in my browser. I will consult my server administrator and see if he can sort it out. thanks again.

Author

Message

Jan Borsodi

Monday 25 August 2003 5:25:45 am

My guess is this issue:
Transparent session ID support exposes PHP to cross-site-scripting attacks.

This is required for eZ publish to work properly with session if the cookie are not set in your browser.
Also eZ publish escapes the session key so it's not possible to hack your site if transparent sessions are on.

You should see if a cookie has been made in your browser, if not it won't know the session id from one page load to another.

--
Amos

Documentation: http://ez.no/ez_publish/documentation
FAQ: http://ez.no/ez_publish/documentation/faq

Robin Sørlie

Tuesday 26 August 2003 8:02:44 pm

Thx for your reply.

Guess you're right, no cookies is saved in my browser. I will consult my server administrator and see if he can sort it out.

thanks again.

You must be logged in to post messages in this topic!