View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001815 | OXID eShop (all versions) | 4.02. Session handling | public | 2010-05-06 15:16 | 2010-07-30 10:00 |
| Reporter | sarunas_valaskevicius | Assigned To | |||
| Priority | normal | Severity | major | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Product Version | Past development | ||||
| Fixed in Version | 4.4.2 revision 29492 | ||||
| Summary | 0001815: different SSL domain login problems | ||||
| Description | After logging in, the user is redirected to the shop ssl url. The links to products and other items in this stage are non-ssl. If sSSLShopURL domain is different from the normal shop domain, then, after going to some non ssl link, the user is not logged in - session id for ssl url is different and is not synchronized to the non-ssl url. Also, if ssl and non-ssl domains are same, user gets a logout link to ssl if being in the non-ssl page, and to non-ssl if user is in ssl page. (this behaviour should be unified.) Similar problems should exist (needs to be explicitly checked, as I can only guess now, since different domains for ssl and non-ssl do not work) - the "keep logged in" cookie should be deleted from both ssl and non-ssl domains after logging out. | ||||
| Tags | No tags attached. | ||||
| Theme | |||||
| Browser | All | ||||
| PHP Version | any | ||||
| Database Version | any | ||||
