Bug
Ticket user could not POST to service
Issue description
A user was logged in by ticket, but could not use a POST service.
Developer comments
The user logged in, had the page open for some hours and clicked then the button which triggered the POST request. The request R1 had an expired session cookie and was denied, resulting in an insufficient access rights message. In order to avoid the confusion of the user, it might be better to provide a meaningful error message: Session expired. Please login again!
Since at the time of request R1, the session can no longer be found on the server, the error message can just be changed for every request of that kind. So also when the session id is planted, but that is the lesser of two evils.
|
Work sessions
Start |
2023-01-16T13:34:20
|
End |
2023-01-16T15:31:32
|
Participant |
Robert Cerny
|
|
We are sorry
This page cannot be displayed in your browser. Use Firefox, Opera, Safari, or Chrome instead.