Edgewall Software
Modify

Opened 19 years ago

Closed 19 years ago

Last modified 18 years ago

#1773 closed enhancement (fixed)

Logout should expire trac_auth cookie

Reported by: Martijn Pieters <mj@…> Owned by: Jonas Borgström
Priority: normal Milestone: 0.9
Component: general Version: 0.8.4
Severity: normal Keywords:
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description

A logout should set the trac_auth cookie to a date in the past so the browser deletes it. With the cookie deleted other entities (such as Apache RewriteRules) can reliably detect a logged-in trac session.

Attachments (1)

expire_auth_cookie.diff (1.0 KB ) - added by Martijn Pieters <mj@…> 19 years ago.
Patch adding expiration of trac_auth cookies on logout

Download all attachments as: .zip

Change History (4)

by Martijn Pieters <mj@…>, 19 years ago

Attachment: expire_auth_cookie.diff added

Patch adding expiration of trac_auth cookies on logout

comment:1 by Jonas Borgström, 19 years ago

Status: newassigned

Yeah, that sounds like a very valid reason, that should at least be fixed in trunk, and maybe even 0.8-stable. I'll look into it.

comment:2 by Jonas Borgström, 19 years ago

Milestone: 0.9

comment:3 by Jonas Borgström, 19 years ago

Resolution: fixed
Status: assignedclosed

Fixed both on trunk and 0.8-stable ([1932] and [1933]). Thanks Martijn.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Jonas Borgström.
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from Jonas Borgström to the specified user.

Add Comment
E-mail address and name can be saved in the Preferences .
AttachmentsDescription
 
Note: See TracTickets for help on using tickets.