• Do not register here on develop.twiki.org, login with your twiki.org account.
• Use View topic Item7848 for generic doc work for TWiki-6.1.1. Use View topic Item7851 for doc work on extensions that are not part of a release. More... Close
• Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
Does this site look broken?. Use the LitterTray web for test cases.

Item7026: TWiki::LoginManager::createCryptToken() to check $cfg{UseClientSessions}

Item Form Data

AppliesTo: Component: Priority: CurrentState: WaitingFor: TargetRelease ReleasedIn
Engine LoginManager Normal Closed   major 6.0.0

Edit Form Data

Reported By:
Applies To:
Current State:
Waiting For:
Target Release:
Released In:


TWiki::LoginManager::createCryptToken() should check $cfg{UseClientSessions}, since otherwise, whenever %CRYPTTOKEN% is used for whatever reasons, it throws an exception Can't call method "id" on an undefined value due to the uninitialized $this->{_cgisession}.

-- TWiki:Main/MahiroAndo - 2012-11-06

Related: TWiki:Codev.SecurityAuditTokenBasedCsrfFix

-- TWiki:Main.MahiroAndo - 2012-11-06

Summary TWiki::LoginManager::createCryptToken() to check $cfg{UseClientSessions}
ReportedBy TWiki:Main.MahiroAndo
Codebase ~twiki4, 5.1.2
SVN Range TWiki-5.1.3-trunk, Fri, 26 Oct 2012, build 23781
AppliesTo Engine
Component LoginManager
Priority Normal
CurrentState Closed

Checkins TWikirev:23908 TWikirev:23909
TargetRelease major
ReleasedIn 6.0.0
Edit | Attach | Watch | Print version | History: r7 < r6 < r5 < r4 < r3 | Backlinks | Raw View |  Raw edit | More topic actions
Topic revision: r7 - 2013-10-15 - PeterThoeny
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback