Summary: | Javascript popups doesn't handle session cookies correctly | ||
---|---|---|---|
Product: | [Applications] konqueror | Reporter: | Thomas Petersen <tp> |
Component: | kcookiejar | Assignee: | Konqueror Developers <konq-bugs> |
Status: | RESOLVED DUPLICATE | ||
Severity: | normal | ||
Priority: | NOR | ||
Version: | unspecified | ||
Target Milestone: | --- | ||
Platform: | Gentoo Packages | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: | ||
Attachments: | Testcase showing the bug in action |
Description
Thomas Petersen
2003-10-13 22:27:00 UTC
claiming it's kjs i've had the same problem: i wrote a small web app in php that uses sesssions to maintain user privileges between pages. now, between individual pages, it seems to work, but if one of the links in the app that i click on happens to open a popup (which includes the session_start(); function), the a new session id is created, rather than keeping the old one used on the previous pages. in internet explorer and mozilla, the session id is kept the same throughout, regardless of whether we're using a popup or not. but konqueror is breaking my app. the main part of the app is just an image browser, and the popups are larger versions of the image with detailed info, so browsing from thumbnail set to set to set is fine, the session id remains the same. but once you open a popup, close it, and go to another page (or open a new popup) the session id is changed. here's an example of the code that both the main page and the popup are using: <? session_start(); $_SESSION["id"] = session_id(); ?> and here's a link to the site (though the ip is dynamic so you never know, AND you can't really see any of the session stuff 'cause i'm not posting a login, but the entire codebase is downloadable from there: http://imager.cravingthesoulfood.org:8080/ so is this a bug or a feature? The IMP webmail program is also broken by this bug. I can confirm that downgrading PHP to 4.3.2 does fix this. PHP 4.3.4 also has the problem however so it may be that all future versions will do the same thing. I agree that the problem isn't what PHP is doing, but what Konqueror is doing. I don't believe this bug is related to kjs, I can reproduce it by right-clicking an image and then selecting "view image", which opens up a new window containing only the image, if I then reloade this window, my session cookie is gone. This surely does not involve any JavaScript code. Created attachment 4181 [details]
Testcase showing the bug in action
Observe the session id printed out, now click the link to open the popup, now
close the popup. Refresh the test1.php page with F5, observe the session id
changes.
Remember it must be tried out on PHP 4.3.3
Sorry, but we won't install some PHP version and debug what's going on in there. What might help though is if you track the network traffic with tcpdump and attach it here (probably also compared with e.g. IEs or mozillas) Stephen, this is definitely a Konqueror bug as every other Browser works properly. The problem is very clearly described by the original poster so I am not certain what you are looking for from tcpdump. Be more specific what you want to know beyond what has already been posted and I will provide the information. Note that it's not just PHP apps that open popups that are broken by this. I noticed that t-mobile.com has the same problem and that site uses ASP. Still an issue in KDE 3.2.2 This is not a kjs problem, but a cookiejar problem. It has already been addressed for the upcoming 3.3 as well as the 3.2.3 releases. See http://bugs.kde.org/show_bug.cgi?id=64182 *** This bug has been marked as a duplicate of 64182 *** |