[TYPO3-core] RFC #0013938: Backend session is locked to useragent
Helmut Hummel
helmut at typo3.org
Fri Sep 3 13:14:11 CEST 2010
Hi,
Am 03.09.2010 12:03, schrieb Marcus Krause:
> Björn Pedersen schrieb am 09/03/2010 11:49 AM Uhr:
>> [...]
>> The complete patch is v5.
>> Advantages: Just one central place to check and set the options. Avoids
>> the risk, that a be/fe_user instance is created manually and the
>> lockIP/lockHashKeyWords are not set. Currently a
>> makeInstance(beuser/feuser) is not enough. You have to remember to set
>> all the options as it is done e.g. in tslib_fe.
>
> v5 might break behavior if BE session is run in context of FE and vice
> versa. But I don't know if such use case actually exists.
> So this is just to have it mentioned here.
At least the ip_lock part is out of the scope of this RFC. So please
remove this change and stick to the useragent part. Thanks.
Regards Helmut
More information about the TYPO3-team-core
mailing list