[TYPO3-core] RFC #0013938: Backend session is locked to useragent

Markus Klein m.klein at mfc-linz.at
Thu Sep 2 23:35:49 CEST 2010


Ok you're right!
Nevertheless I suggest to introduce this additional option for BE, so one
can decide wether to change this only for FE or also for BE.
Therefore i moved this configuration into class beUserAuth.

So please have a look at patch v4.

Thx
Markus

> Markus Klein schrieb am 09/02/2010 07:21 PM Uhr:
> > +1 on testing as well.
> >
> > I attached v3 suitable for current trunk.
> 
> Patch looks odd on the background that there's already such feature for
the
> FE. So I would expect a *move* of (!= new) function call from
> subclass(es) up to t3lib_userAuth.
> 
> 
> Marcus.
> 
> --
> Member TYPO3 Security Team
> Blog on TYPO3 Security: http://secure.t3sec.info/blog/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: bug13938_v4.patch
Type: application/octet-stream
Size: 2936 bytes
Desc: not available
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20100902/97cfa397/attachment.obj>


More information about the TYPO3-team-core mailing list