xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-22 17:43:14 +00:00
Code Issues Projects Releases Wiki Activity

Remove 'path' condition for session cookie

Browse Source 
The cookie had an unnecessary limitation.  path need not be specified,
and it is possible for a client to request in a way that fails the criteria.
This commit is contained in:
Jarrod Johnson 2016-10-21 09:56:14 -04:00
parent 7f9394b33a
commit 0ad4ae90c9
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
confluent_server/confluent/httpapi.py
View File

@ -290,7 +290,6 @@ def _authorize_request(env, operation):
cookie['confluentsessionid'] = sessid
cookie['confluentsessionid']['secure'] = 1
cookie['confluentsessionid']['httponly'] = 1
cookie['confluentsessionid']['path'] = '/'
skiplog = _should_skip_authlog(env)
if authdata:
auditmsg = {