Project

General

Profile

Actions

Bug #660

closed

login after timeout POSTs to page and unsets config options

Added by Chris Buechler almost 14 years ago. Updated over 13 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Web Interface
Target version:
Start date:
06/14/2010
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.0
Affected Architecture:

Description

If you're at a particular page in the web interface and your session times out, when you refresh that page and log in, it POSTs the username and password to that page, and the page treats it as a normal POST, unsetting many config options. For example, go to system_advanced_admin.php, refresh after the session timeout, login, and it wipes values there.

Actions

Also available in: Atom PDF