View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001429 | OXID eShop (all versions) | 4.07. Source code, Test | public | 2009-10-29 17:58 | 2012-12-10 13:45 |
| Reporter | tomas_liubinas | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | resolved | Resolution | fixed | ||
| Fixed in Version | 4.3.0 revision 26948 | ||||
| Summary | 0001429: "remoteaccess" parameter does not disable cookie check | ||||
| Description | "remoteaccess" parameter is used when shop is accessed remotely. Currently it disables user agent check, however it does not disable browser cookie check. Browser cookie check should be disabled when "remoteaccess" is set. | ||||
| Additional Information | Christopher Simon writes: Hi, question: why cookie check is performed, if "remoteaccess" param is set? the line (oxsession.php 636): $blDisableCookieCheck = $myConfig->getConfigParam('blDisableCookieCheck'); should be: $blDisableCookieCheck = $myConfig->getConfigParam( 'blDisableCookieCheck' ) || oxConfig::getParameter("remoteaccess") === true; If you want to "hijack" a session this is nearly neccessary. | ||||
| Tags | Cookies, Session | ||||
| Theme | |||||
| Browser | All | ||||
| PHP Version | 5.2.6 | ||||
| Database Version | 5.0.33 | ||||
