Issue 827533
Created on 2003-10-21 14:12 by thomas_ah, last changed 2004-10-08 15:59 by chrisgltt.
|
| msg1010 |
Author: [hidden] (thomas_ah) |
Date: 2003-10-21 14:12 |
|
With current maint-0-6 branch an error message shows
when I try to use the link from the "Confirm reset of
password" email:
"Invalid One Time Key!"
But everything works fine.
|
| msg1011 |
Author: [hidden] (thomas_ah) |
Date: 2003-10-21 14:41 |
|
Logged In: YES
user_id=839582
Seems as if this only happens with Galeon 1.2.5 and Mozilla
1.0.0 (both from Debian/woody). netscape 4.7x, wget, links
and lynx don't show the error.
The problem is that Galeon/Mozilla requests the page a
second time after about half a second. It works the first
time and the password is reset, but on the next request the
otk is invalid.
|
| msg1012 |
Author: [hidden] (jlgijsbers) |
Date: 2003-10-21 16:25 |
|
Logged In: YES
user_id=469548
I can confirm this using Firebird 0.6.1. It seems related to
these Mozilla issues:
http://bugzilla.mozilla.org/show_bug.cgi?id=77702,
http://bugzilla.mozilla.org/show_bug.cgi?id=148896. We could
probably fix this by keeping the otk and adding a "used"
property to it, letting clean_sessions() destroy the OTK's,
but this is really a Mozilla issue, isn't it?
|
| msg1013 |
Author: [hidden] (jlgijsbers) |
Date: 2003-10-22 16:49 |
|
Logged In: YES
user_id=469548
I thought about this some more, and I've added a note about
Mozilla in the 'Invalid One time Key' error message.
|
| msg1014 |
Author: [hidden] (thomas_ah) |
Date: 2003-10-22 16:53 |
|
Logged In: YES
user_id=839582
Good idea, this is probably the best solution.
|
| msg1015 |
Author: [hidden] (chrisgltt) |
Date: 2004-10-08 15:59 |
|
Logged In: YES
user_id=1112215
I got an error page after clicking the link roundup sent to me
to reset my password. So how you guys solve it?
|
|
| Date |
User |
Action |
Args |
| 2003-10-21 14:12:09 | thomas_ah | create | |
|