[TYPO3-v4] Configurable cookie name feature breaks rsaauth
Helmut Hummel
helmut.hummel at typo3.org
Sun Sep 25 12:49:54 CEST 2011
On 25.09.11 12:25, Helmut Hummel wrote:
> Can anybody involved in this change look into it and change it to not
> rely on the PHP session? Thanks.
http://forge.typo3.org/issues/30269
> I will take care to fix rsaauth, which just checks if the $_SESSION var
> is an array and not if the session really is started.
http://forge.typo3.org/issues/30270
Kind regards,
Helmut
--
Helmut Hummel
TYPO3 Security Team Leader, TYPO3 v4 Core Team Member
TYPO3 .... inspiring people to share!
Get involved: typo3.org
More information about the TYPO3-project-v4
mailing list