Fix cookie session timestamp validation #387
Open
+3
−1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
In certain scenarios localhost could be blocked or take a long time to resolve, hence the cookie session validation now uses the loopback address directly instead of localhost
|
While this may help in certain scenarios, there are others which will break. There are IPv6 only systems out there which would not understand 127.0.0.1. Ideas I have to solve it differently: We already use SERVER_PORT and may be able to use SERVER_HOST in addition. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In certain scenarios localhost could be blocked or take a long time to
resolve, hence the cookie session validation now uses the loopback
address directly instead of localhost