You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While working with me on #412@mattpen observed that the Rosetta client code isn't checking login status on page navigations. He said that it should. The issue also relates to how a publication request can be sent to the server with bogus user ID information, probably because the user's session has timed out.
For security reasons, we should probably improve Rosetta's behavior such that it does check login info on a page navigation and on publish requests and, if a user's session has expired, prompt them to re-enter their login credentials before allowing the request.
The text was updated successfully, but these errors were encountered:
After further review, there are higher priority issues that should be addressed in Rosetta before tackling this, specifically some problems that have been recently reported by translators. I'm going to remove the high priority label, but leave the issue assigned to me.
While working with me on #412 @mattpen observed that the Rosetta client code isn't checking login status on page navigations. He said that it should. The issue also relates to how a publication request can be sent to the server with bogus user ID information, probably because the user's session has timed out.
For security reasons, we should probably improve Rosetta's behavior such that it does check login info on a page navigation and on publish requests and, if a user's session has expired, prompt them to re-enter their login credentials before allowing the request.
The text was updated successfully, but these errors were encountered: