Authored By
Unicornisaurous
Dec 22 2015, 2:28 AM
2015-12-22 02:28:16 (UTC+0)
From 0f9b2988e5e2be12858d2429f20c2044797f30d7 Mon Sep 17 00:00:00 2001
From: Andrew H <crazy4sb@gmail.com>
Date: Mon, 21 Dec 2015 21:16:01 +0000
Subject: [PATCH] SECURITY: Remove tokens from session when the user logs out
Bug: T122056
Change-Id: Ica0519d18171feeb359bbbe59c37b38e16cbdafd
---
includes/user/User.php | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/includes/user/User.php b/includes/user/User.php
index fed9664..92a1dff 100644
--- a/includes/user/User.php
+++ b/includes/user/User.php
@@ -3656,6 +3656,7 @@ class User implements IDBAccessObject {
$this->clearInstanceCache( 'defaults' );
$this->getRequest()->setSessionData( 'wsUserID', 0 );
+ $this->getRequest()->setSessionData( 'wsEditToken', '' );
$this->clearCookie( 'UserID' );
$this->clearCookie( 'Token' );
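Review bot: Resetting `wsEditToken` to an empty string on logout invalidates that one key only; any other session-scoped state left over from the logged-out user survives until the session itself is replaced, so if `doLogout` does not already regenerate the session id later in its body (the function continues past this hunk), doing so there would cover every session-bound value at once. Storing `''` rather than dropping the key is also what forces the extra `strlen` branch in the `getEditToken` hunk below; if `setSessionData( 'wsEditToken', null )` makes `getSessionData` return null — worth confirming against WebRequest — the existing `=== null` check would already regenerate the token and the second hunk could be dropped. A short comment on the added line, `// reset the CSRF token so a value issued to this user cannot be reused by the next session`, would record why the key is cleared here alongside the cookies.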
@@ -4129,7 +4130,7 @@ class User implements IDBAccessObject {
return self::EDIT_TOKEN_SUFFIX;
} else {
$token = $request->getSessionData( 'wsEditToken' );
- if ( $token === null ) {
+ if ( $token === null || strlen( $token ) === 0 ) {
$token = MWCryptRand::generateHex( 32 );
$request->setSessionData( 'wsEditToken', $token );
}
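Review bot: `strlen( $token ) === 0` reads as a length check where the intent is an emptiness check matching the reset performed in `doLogout`; `if ( $token === null || $token === '' ) {` states that directly and does not pass a possibly non-string session value to `strlen()`. The surrounding `getEditToken` body starts and ends outside this hunk.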
--
1.9.1
T122056: Old tokens are remaining valid within a new session