[TYPO3-commerce] Important: baskets seem to get shared among fe_users (security issue?)
Franz Koch
typo.removeformessage at fx-graefix.de
Fri Sep 14 12:42:59 CEST 2007
Hi,
> I have a strange behaviour and maybe a "security" issue. I login as
> userA, put some articles into the basket, don't go to checkout, log off
> and then login as userB. After that I see the basket of userA. This bug
> is not related to page caching and it's not related to permalogin as it
> seems (the effect occurs with and without activated permalogin when
> logging in).
>
> The next unexpected behavior is, that when I switch browsers on the same
> computer, I get two different baskets. Maybe not what a regular user
> expects.
no comments from anybody? Seems like I'm talking to myself most of the
time on this list :-/
--
Franz
More information about the TYPO3-project-commerce
mailing list