Ticket #1102 (closed defect: fixed)

Opened 11 years ago

Last modified 11 years ago

[S] logout links breaks if HTTP_REFERER not set

Reported by: pjkersha Owned by: pjkersha
Priority: critical Milestone: CMIP5 Security
Component: security Version:
Keywords: Cc:


The Session handler middleware uses HTTP_REFERER from environ to return to the previous URL following logout. If HTTP_REFERER is not set this breaks. This has been seen with Questionnaire (Django) and OAI Info Editor (Pylons).

Change History

comment:1 Changed 11 years ago by pjkersha

  • Status changed from new to closed
  • Resolution set to fixed

Fixed in trunk.

Note: See TracTickets for help on using tickets.