Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Default cookie domain value in header can't contain port number #5114

Closed
rixbeck opened this issue Apr 4, 2016 · 1 comment
Closed

[BUG] Default cookie domain value in header can't contain port number #5114

rixbeck opened this issue Apr 4, 2016 · 1 comment
Assignees
@CarsonF
Labels
blocking release bug A bug that has been verified regression
Milestone
Bolt 3.0 - Featur...

Comments

@rixbeck
Copy link
Member

rixbeck commented Apr 4, 2016

In case of server addressed via any port number like http://bolt.me:8080 and no explicit cookies_domain value set to .bolt.me then right session storage can't be reached by the app.
This will be producing CSRF errors at first user creation like mentioned in #5014.

Details

  • Bolt Version: [ master ]

Screenshot:
Response header
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@CarsonF CarsonF

Labels
blocking release bug A bug that has been verified regression
Projects
None yet
Milestone
Bolt 3.0 - Feature release
Development

No branches or pull requests
4 participants
@rixbeck @CarsonF @GwendolenLynch @bobdenotter