Authentication Form cookie verification
|Reported by:||prunille||Owned by:||mgood|
|Severity:||normal||Keywords:||Form Auth Input|
I try to set up a SSO front of Trac and it is no real SSO but only credentials replay with Vulture NG. The system submits the received cookie and some inputs but not all since I believe it can not send dynamic hidden inputs.
Can someone explain why dynamic hidden inputs need to be inserted in the authent form?