Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-13048

AJAX requests are being stored to session_page

    Details

    • Type: Bug
    • Status: Unverified Fix
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 3.1.0-RC3
    • Fix Version/s: 3.1.0-RC5
    • Component/s: Sessions
    • Labels:
      None

      Description

      When a user triggers any sort of AJAX related content, that AJAX url is being stored to the user's session_page field in the sessions table.

      That means a user who is viewing a forum, but clicked on an AJAX action, for example Delete all board cookies, then the delete all board cookies link gets stored to their session_page, and in view online the user will be reported as viewing the UCP, even though they are actually still on a forum page.

      This gets worse for extensions, which will use AJAX increasingly.

      The session_page data should only store actual pages being viewed, not AJAX requests.

        Attachments

          Activity

            People

            • Assignee:
              nickvergessen Joas Schilling
              Reporter:
              VSE Matt Friedman
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: