-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Opening several tabs (randomize resource) #93
Comments
May I suggest that you do this all the time? Nowadays most clients have something of the form 'client name.random bits' set as a resource. Reusing the same resource isn't something recommended anymore (I would need to ask someone for the reasoning behind). |
I'm glad you asked, I opened this issue for this very reason 😎 |
By the way, are there any rules or constraints to respect regarding the format of the resource (forbidden characters or other things)? |
Wait! You are too fast! ^^' I went to confirm on the XSF channel and I was off, here is what I got:
And
So basically you still want to do this, generate a random resource, except you want to store the it and reuse it all the time. Also, "obviously", this doesn't apply for sasl anon, as it's not possible to reuse the same session anyway. |
As for constraints on the resource, there's an updated spec here: https://www.rfc-editor.org/rfc/rfc6122#section-2.4. |
No problem, if needed, I will reopen it or create a new one. I'm not sure what is the best, but I suggest we can initialize random string at register tab creation and then store in memory (not local storage since it would be reused across other tabs) and reuse it for this specific tab (it would apply only for logout / reconnect). Am I right? |
Yeah that sounds alright to me! |
Intended behavior
When I develop the application, I would like to have two instances for the same user.
Solution
Randomize the resource in dev mode.
Alternatives
No response
Priority
Could-have
Users scope
registered users
Affected features
login
Pull request
yes
The text was updated successfully, but these errors were encountered: