View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000562 | WackoWiki | action | public | 2024-02-15 02:47 | 2024-12-11 08:55 |
Reporter | brianko | Assigned To | administrator | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | resolved | Resolution | fixed | ||
Product Version | 6.0.27 | ||||
Target Version | 6.1.x | Fixed in Version | 6.1.x | ||
Summary | 0000562: page call not detecting authenticated session | ||||
Description | After some indeterminate amount of time, the {{commented}} action will no longer detect an authenticated session and will show the user as being logged out. Other actions show the user to be logged in. | ||||
Additional Information | Images show links being clicked, one after another, with the Comments page clearly showing the user logged out, while two other links clearly show the user logged in. | ||||
Tags | No tags attached. | ||||
Attached Files | |||||
related to | 0000563 | resolved | administrator | Change $cf_cookie_samesite default to 'Lax' |
related to | 0000568 | assigned | administrator | Unable to logout or go to account settings |
related to | 0000570 | new | Wackowiki site install does not correctly handle session when logged-in user clicks the "Forum" tab |
|
I can confirm this behavior, occasionally the browser loads the cached page version, the browser has stored, despite being logged in. Usually a page refresh in the browser discards the cached version. I'm not sure what is causing this and how it can be fixed. Guess it is a session & HTTP header issue, ttl stuff, is it? The very moment you're logged in, the HTTP class won't serve you a cached version. case 'wacko': $http->check_cache($route['page'], $route['method']); $engine->run($route['page'], $route['method']); $http->store_cache(); break; In the run() function it checks the session and auth token // start user session if (!($user = $this->get_user()) && ($user = $this->check_auth_token())) { // re-login by auth token $this->soft_login($user); } I don't think it is caused by the commented action. Looks to me more like a session termination & soft login issue. However if a action causes a 500er your session will be terminated. How we can pin down this issue? |
|
I could not reproduce the behavior on my local test instance. I suspect it is caused by the shared hosting environment. It would be good to know what exactly is causing the odd behavior to mitigate it. Today I got permanently logged out, other times it is not possible to upload files, it happens occasionally. possible causes * server measures (proxy, session set back, ...) * purge of session dir https://web.dev/articles/http-cache https://redbot.org See also request / response header. * NS_BINDING_ABORTED |
|
It seems that issue has been fixed with the latest release, see 6.1.25 and 6.1.26 change log. * removed deprecated usage of Expires: and Pragma: header * fixed If-Modified-Since conditional requests issues * fixed invalid ETag * fixed various Cache-Control header issues * re-check for anonymous user before storing cache * soft_login() may set sess->user_profile |
Date Modified | Username | Field | Change |
---|---|---|---|
2024-02-15 02:47 | brianko | New Issue | |
2024-02-15 02:47 | brianko | File Added: image.png | |
2024-02-15 02:47 | brianko | File Added: image-2.png | |
2024-02-15 02:47 | brianko | File Added: image-3.png | |
2024-02-15 13:10 | administrator | Note Added: 0001101 | |
2024-02-15 13:17 | administrator | Note Edited: 0001101 | |
2024-02-15 13:22 | administrator | Note Edited: 0001101 | |
2024-02-15 13:50 | administrator | Status | new => confirmed |
2024-02-15 13:56 | administrator | Note Edited: 0001101 | |
2024-02-15 13:57 | administrator | Note Edited: 0001101 | |
2024-02-15 14:00 | administrator | Note Edited: 0001101 | |
2024-02-15 14:03 | administrator | Note Edited: 0001101 | |
2024-02-15 14:06 | administrator | Note Edited: 0001101 | |
2024-02-16 07:26 | administrator | Relationship added | related to 0000563 |
2024-03-20 09:22 | administrator | Note Added: 0001105 | |
2024-03-20 09:28 | administrator | Note Edited: 0001105 | |
2024-03-20 09:41 | administrator | Note Edited: 0001105 | |
2024-03-20 10:26 | administrator | Note Edited: 0001105 | |
2024-03-22 07:03 | administrator | Note Edited: 0001101 | |
2024-04-09 12:47 | administrator | Relationship added | related to 0000568 |
2024-04-09 13:07 | administrator | Summary | {{commented}} not detecting authenticated session => page call not detecting authenticated session |
2024-04-09 14:29 | administrator | Note Edited: 0001105 | |
2024-11-14 10:06 | administrator | Assigned To | => administrator |
2024-11-14 10:06 | administrator | Status | confirmed => resolved |
2024-11-14 10:06 | administrator | Resolution | open => fixed |
2024-11-14 10:06 | administrator | Fixed in Version | => 6.1.x |
2024-11-14 10:06 | administrator | Target Version | => 6.1.x |
2024-11-14 10:06 | administrator | Note Added: 0001110 | |
2024-11-14 21:19 | administrator | Note Edited: 0001110 | |
2024-11-14 21:22 | administrator | Note Edited: 0001110 | |
2024-12-11 08:55 | administrator | Relationship added | related to 0000570 |