Restricting sessions to 1 IP is not appropriate for people behind Load Balancers or ISP's that have dynamic addresses
Bug #396735 reported by
Dan Garner
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Xibo |
Fix Released
|
High
|
Dan Garner |
Bug Description
Xibo restricts a session to an IP address to prevent session hijacking... this is really unnecessary due to other measures available.
Related branches
lp:~dangarner/xibo/396735
Merged
into
lp:xibo/1.0
- Xibo Maintainters: Pending requested
- Diff: None lines
- Xibo Maintainters: Pending requested
- Diff: None lines
Changed in xibo: | |
assignee: | nobody → Dan Garner (dangarner) |
importance: | Undecided → High |
milestone: | none → 1.0.3 |
status: | New → Fix Committed |
Changed in xibo: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
To patch:
replace: modules/ module_ user_general. php with http:// bazaar. launchpad. net/%7Edangarne r/xibo/ 396735/ download/ mail%40dangarne r.co.uk- 20090707200149- j5q1pqbya8y84vp y/module_ user_general. -20081210233331 -zodnsxsw2ykbwu xp-20/module_ user_general. php
replace: lib/app/ session. class.php with http:// bazaar. launchpad. net/%7Edangarne r/xibo/ 396735/ download/ mail%40dangarne r.co.uk- 20090707200149- j5q1pqbya8y84vp y/session. class.php- 20081219220817- 60ng15832jezwvn h-9/session. class.php