]> git.koha-community.org Git - koha.git/commit
Bug 29915: Prevent bad cookie from corrupted session
authorMarcel de Rooy <m.de.rooy@rijksmuseum.nl>
Thu, 24 Mar 2022 07:31:12 +0000 (07:31 +0000)
committerFridolin Somers <fridolin.somers@biblibre.com>
Fri, 25 Mar 2022 00:22:09 +0000 (14:22 -1000)
commit0b71d861eb5e00006a48772789a8031c0fcd3425
tree06be91c1ddc32a282d9e7b539fc477e4b0de45f3
parent51ac4513f26a59fa93729e9ee3a81e4ddfdcf424
Bug 29915: Prevent bad cookie from corrupted session

If there is deleted session info but no session->id, a wrong cookie
with empty name could be generated containing expired session id.

Test plan:
Run t/db_dependent/Auth.t
Login. Check cookies in browser.
Logout. Check cookies in browser.
Without this patch, you should see an invalid cookie.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
C4/Auth.pm
t/db_dependent/Auth.t