SMF Development > Bug Reports

[4244]SMF 2.0 RC3 - Obfuscation of session variable name breaks integration

<< < (18/18)

*reads around the suhosin doc and other reported cases on the net.*
Oh darn. Thank you Nao! This was a good one! :)
Thank you for the time put in it.

I don't think it's much SMF can do, it seems to me rather rare, I think. The domain/subdomains should be set up as different virtual hosts in the apache/lighttpd configuration files (so with different docroot); the session encryption key set in suhosin configuration to depend on docroot...
I do tend to think it should be documented, in our doc about SSI/other integrations, because afaics that's what it might interfere with.

Nao 尚:
Yeah, it's sad that it can't be fixed once and for all within SMF.
I'll leave the rest to you.

I'm currently focusing on my remaining bugs. (And reading your PMs.... :P)

Is this considered a candidate as a valid bug, as it's quite an involved issue and heavily server config related?


[0] Message Index

[*] Previous page

Go to full version