[Interchange-bugs] [Bug 272] New - Session Information Being Dropped...

bugzilla-daemon@interchange.redhat.com bugzilla-daemon@interchange.redhat.com
Mon Jul 23 19:51:00 2001


http://developer.akopia.com/bugs/show_bug.cgi?id=272

*** shadow/272	Mon Jul 23 19:50:00 2001
--- shadow/272.tmp.22127	Mon Jul 23 19:50:00 2001
***************
*** 0 ****
--- 1,41 ----
+ Bug#: 272
+ Product: Interchange
+ Version: 4.7.x
+ Platform: All
+ OS/Version: All
+ Status: NEW   
+ Resolution: 
+ Severity: normal
+ Priority: P3
+ Component: Foundation
+ AssignedTo: bpatters@redhat.com                            
+ ReportedBy: jbeima@palb.com               
+ URL: 
+ Cc: 
+ Summary: Session Information Being Dropped...
+ 
+ All of the pages listed below must be included in the AlwaysSecure list.
+ 
+ The reason for it is all of these pages address and alter various user
+ information. So if you SSL-Domain and non-SSL domain are different, when you go
+ back and forth between these pages you loose the user/cart information that you
+ are trying to alter. If they are always done in the SSL domain, you never loose
+ anything.
+ 
+ account
+ change_password
+ customerservice
+ order
+ process
+ login
+ logout
+ new_account
+ returns
+ saved_carts
+ ship_addresses
+ ord/checkout
+ ord/basket
+ query/check_orders
+ query/order_detail
+ query/order_return
+