If AUTHENTICATION_COOKIE_LIFETIME is non-zero, some cookies are not refreshed and expire too soon.

Bug #1257112 reported by Mark Sapiro
This bug affects 1 person
Affects Status Importance Assigned to Milestone
GNU Mailman
Mark Sapiro

Bug Description

The AUTHENTICATION_COOKIE_LIFETIME feature was introduced in Mailman 2.1.15 to specify a length of time after which the cookie will expire if not used. Code to refresh the cookie was added in the wrong place so only user cookies were refreshed and others expired based on their original issue time rather than their last use.

Related branches

Mark Sapiro (msapiro)
Changed in mailman:
status: In Progress → Fix Committed
Mark Sapiro (msapiro)
Changed in mailman:
milestone: 2.1.18 → 2.1.18rc1
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers