- User Since
- Oct 15 2014, 1:48 PM (353 w, 6 d)
- LDAP User
- MediaWiki User
Sep 10 2020
Jul 21 2020
Jan 28 2020
Jan 26 2020
Sep 4 2019
On year without an answer ; seems to be fixed or not reproducible anymore.
So there are different solutions:
I am against this suggestion, our OTRS system contains sensitive to highly sensitive information on users. OTRS also hosts some Oversighters queues by the way.
May 9 2019
Apr 10 2019
Apr 9 2019
Dec 3 2018
Sep 14 2018
Sep 11 2018
Sep 4 2018
Aug 21 2018
Apr 25 2018
True, whichever is easier. This is not an important issue though.
Now pending on T187984
QA is completed, fix is merged.
Apr 9 2018
Mar 30 2018
Scoopfinder triaged this task as Normal priority.
Hmm, do you plan to work on this task? (Asking as you prioritized this task.)
Mar 13 2018
Mar 6 2018
Mar 2 2018
As this been cleared by WMF Legal ? There might be consequences to mix WMF domain and chapter ones like this, nah?
Feb 28 2018
Hello @Chrissymad and thank you for your report. I usually use the "quick-close" button and then mark it as spam. I have to go back in the browser history and refresh the page in between and I understand that this can be annoying.
Feb 23 2018
Fixed upstream, pending QA and waiting for a patch to be available.
Feb 22 2018
Closing as resolved since we got no reply (since dec. 2016) or futher report.
I would suggest to close this, since it won't be done for security reasons and it is almost certain that this will not be corrected/changed in the future.
Since the last update to OTRS 5, is this bug still existing?
Feb 21 2018
Reported upstream: https://bugs.otrs.org/show_bug.cgi?id=13687
@Josve05a : I did as mentioned, but still can login without 2FA or with a random 2FA. Did you try to check this too? (maybe I am the one doing sth wrong)
Hello @akosiaris and thank you for responding to my cry for help. :-)
Feb 19 2018
Is there a way to push this ticket? OTRS contains very sensitive information (especially in oversighter queues) and security should be a priority.
Feb 17 2018
Per @akosiaris: this seems to be how the software should behave and will probably not be accepted it taken upstream.