[ovirt-devel] Login is failing at master due to cookie hell
Roy Golan
rgolan at redhat.com
Wed May 7 09:42:34 UTC 2014
On 05/07/2014 12:41 PM, Roy Golan wrote:
> On 05/07/2014 12:37 PM, Alon Bar-Lev wrote:
>> Hi,
>>
>> Thanks Omer for the hint!
>>
>> Following merge of several patches HttpOnly cookie patch[1], and the new
>> theme[2] (I guess), the login stopped working.
>>
>> The frontend is doing basic authentication against the restapi and
>> attempt to
>> move the cookie(?)? But it sending the cookie without http only marker.
>> I do not fully understand the logic, but it may parse the cookie
>> manually in
>> order to do so?
>>
>> Our cookies must have HttpOnly markers so this probably need to be
>> solved at
>> the component which sends the cookie without the HttpOnly.
>>
>> For now, people that experiencing this, please revert[1] until we can
>> sort it
>> out.
>
> I think its better to revert [1] till this has a fix
I mean to revert it in gerrit. and not locally by each developer
>>
>> Thanks,
>> Alon
>>
>> [1] http://gerrit.ovirt.org/#/c/25915/
>> [2] http://gerrit.ovirt.org/#/c/24594/
>> _______________________________________________
>> Devel mailing list
>> Devel at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/devel
>
> _______________________________________________
> Devel mailing list
> Devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/devel
More information about the Devel
mailing list