[TYPO3-core] RFC #15334: Feature: Allow separate cookie domain for FE and BE
Susanne Moog
info at susannemoog.de
Sun Aug 8 13:28:43 CEST 2010
On 03.08.2010 13:47, François Suter wrote:
> This is an SVN patch request.
>
> Type: New feature
>
> Bugtracker references:
> http://bugs.typo3.org/view.php?id=15334
>
> Branches:
> Trunk
>
> Problem:
> Some clients run the TYPO3 BE under a different domain name for security
> reasons. This causes problems with cookie domains as it is currently
> possible to set a single one only, used by both FE and BE. The current
> workaround would be to avoid defining a cookie domain, but this is not
> secure.
>
> Solution:
> The attached patch introduces a separate cookie domain for the BE. If it
> is left blank, the "main" cookie domain is used for both FE and BE (i.e.
> the current behavior is unchanged).
+1 by reading and testing. But I'd like to see the parameter named
cookieDomainBe (I know the install tool namings are random anyway, but I
think we should stick to lower camel case for newly introduced properties).
(Oh and in the info text: please write "backend" with a lowercase "b")
Thanks,
Susanne
More information about the TYPO3-team-core
mailing list