Bug
Cookie from different store accepted
Issue description
Under special circumstances a cookie from another store does not cause a bad request: a request to a resource requiring login is made in store A. This gives a session id cookie A1. Then a request is made to store B and crafted so it holds A1. Store B handels the request, but should detect it as bad.
|
Work sessions2
Start |
2017-06-08T13:14:06
|
End |
2017-06-08T14:36:18
|
Participant |
Robert Cerny
|
Start |
2017-06-13T08:38:51
|
End |
2017-06-13T10:07:25
|
Participant |
Robert Cerny
|
|
We are sorry
This page cannot be displayed in your browser. Use Firefox, Opera, Safari, or Chrome instead.