Modify ↓
#7608 closed defect (fixed)
TRAC Login problems caused by RevTree-Plugin / logged in as other user
Reported by: | AlexK|Ventuz | Owned by: | Emmanuel Blot |
---|---|---|---|
Priority: | high | Component: | RevtreePlugin |
Severity: | critical | Keywords: | |
Cc: | Trac Release: | 0.11 |
Description
We had some weird log-in problems in the past where a user enters his user credentials but ends up logged in as another user. The source of this problem seems to be the line seed(0) in svgview.py. This messes up the random number generation used by TRAC to create the session cookies (i.e. hex_entropy in the TRAC source code). This line definitely has to be removed/replaced as soon as possible.
Attachments (0)
Change History (3)
comment:1 follow-up: 3 Changed 14 years ago by
comment:3 Changed 11 years ago by
Replying to eblot:
Replying to AlexK|Ventuz: I think it can be definitely removed: AFAIR, it's a left-over from a very old implementation where the branch colors where generated randomly...
Very true.
Note: See
TracTickets for help on using
tickets.
Replying to AlexK|Ventuz:
I think it can be definitely removed: AFAIR, it's a left-over from a very old implementation where the branch colors where generated randomly. This feature has been dropped a long time ago, as it led to use different color for the same branch on each page refresh. For several years, the branch color is computed from the branch name, so that a constant color is always assigned to a given branch.