#11636 NORM xs-0.7: Moodle sends returning users to login page even though they are logged in
Zarro Boogs per Child
bugtracker at laptop.org
Wed Feb 15 21:16:13 EST 2012
#11636: Moodle sends returning users to login page even though they are logged in
-------------------------------------+--------------------------------------
Reporter: greenfeld | Owner: martin.langhoff
Type: defect | Status: new
Priority: normal | Milestone: xs-0.7
Component: school server | Version: Development build as of this date
Resolution: | Keywords:
Next_action: diagnose | Verified: 0
Deployment_affected: | Blockedby:
Blocking: |
-------------------------------------+--------------------------------------
Comment(by martin.langhoff):
Hm! If a new instance of Browse doesn't trigger it, but Browse sessions
closed in a "deeper" URL /may/ have an old "sesskey" in the URL. The
sesskey is a unique key, generated for each login session, that prevents
CSRF.
If your browse session is closed/saved with a URL with a sesskey in it,
upon reopening Browse, Moodle is likely to reset your session, and perhaps
lose track of things.
Not all "deep" URLs will trigger this. You can scan the url for the string
"sesskey".
--
Ticket URL: <http://dev.laptop.org/ticket/11636#comment:4>
One Laptop Per Child <http://laptop.org/>
OLPC bug tracking system
More information about the Bugs
mailing list