Fix cookie session timestamp validation

In certain scenarios localhost could be blocked or take a long time to resolve, hence the cookie session validation now uses the loopback address directly instead of localhost
NagVis · Dec 19, 2024 · 7cdcc3c · 7cdcc3c
1 parent ec23e88
commit 7cdcc3c
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/ChangeLog b/ChangeLog
@@ -1,4 +1,6 @@
 1.9.45
+  * FIX: Fix not working cookie session timestamps validation introduced with 1.9.43 in
+         when localhost is blocked or takes a long time to resolve
 
 1.9.44
   * FIX: Fix not working cookie session timestamps validation introduced with 1.9.43 in

diff --git a/share/server/core/classes/CoreLogonMultisite.php b/share/server/core/classes/CoreLogonMultisite.php
@@ -138,7 +138,7 @@ private function checkAuthCookie($cookieName) {
         // Check session periods validity
         $site = getenv('OMD_SITE');
         $port = $_SERVER['SERVER_PORT'];
-        $url = "http://localhost:$port/$site/check_mk/api/1.0/version";
+        $url = "http://127.0.0.1:$port/$site/check_mk/api/1.0/version";
 
         $headers = [
             'Content-type: application/json',