On 05/07/2014 12:37 PM, Alon Bar-Lev wrote:
Hi,
Thanks Omer for the hint!
Following merge of several patches HttpOnly cookie patch[1], and the new theme[2] (I guess), the login stopped working.
The frontend is doing basic authentication against the restapi and attempt to move the cookie(?)? But it sending the cookie without http only marker.
I do not fully understand the logic, but it may parse the cookie manually in order to do so?
Our cookies must have HttpOnly markers so this probably need to be solved at the component which sends the cookie without the HttpOnly.
For now, people that experiencing this, please revert[1] until we can sort it out.
I think its better to revert [1] till this has a fix
Thanks, Alon
[1] http://gerrit.ovirt.org/#/c/25915/ [2] http://gerrit.ovirt.org/#/c/24594/ _______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel