git.koha-community.org Git - koha.git/commit

author	Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
	Thu, 24 Mar 2022 07:31:12 +0000 (07:31 +0000)
committer	Fridolin Somers <fridolin.somers@biblibre.com>
	Fri, 25 Mar 2022 00:22:09 +0000 (14:22 -1000)
commit	0b71d861eb5e00006a48772789a8031c0fcd3425
tree	06be91c1ddc32a282d9e7b539fc477e4b0de45f3	tree \| snapshot
parent	51ac4513f26a59fa93729e9ee3a81e4ddfdcf424	commit \| diff

Bug 29915: Prevent bad cookie from corrupted session

If there is deleted session info but no session->id, a wrong cookie
with empty name could be generated containing expired session id.

Test plan:
Run t/db_dependent/Auth.t
Login. Check cookies in browser.
Logout. Check cookies in browser.
Without this patch, you should see an invalid cookie.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

C4/Auth.pm		diff \| blob \| history
t/db_dependent/Auth.t		diff \| blob \| history