Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

HTTP_HOST mangling causes Login to fail for some users #2444

Closed
robocoder opened this Issue · 6 comments

1 participant

@robocoder
Collaborator

In some environments, a fixup is applied to HTTP_HOST such that it doesn't match the host in SCRIPT_URI. Example:

This causes isLocalUrl() and ultimately, the Nonce verification on the Referer to fail.

@robocoder
Collaborator

(In [4750]) fixes #2444

@robocoder
Collaborator

(In [4754]) refs #2444 - relax isLocalReferer() test so that it's comparable to the Origin: test

@robocoder
Collaborator

(In [4756]) refs #2444

@robocoder
Collaborator

(In [4757]) refs #2444

@robocoder
Collaborator

(In [4758]) refs #2444

@robocoder
Collaborator

(In [4760]) refs #2444 - re-enable unit test

@robocoder robocoder added this to the 1.5 - Piwik 1.5 milestone
@robocoder robocoder self-assigned this
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.