by lexikos » 19 Jan 2024, 06:25
Given that the original post was about an issue that clearly already has a Bug Report topic, I have moved this topic to Forum Issues to deal with the login token issue.
I would assume that the SID appearing in a URL is explicitly not "cookie token bs", but a mechanism intended to permit logins without cookies.
In order for someone who is not Qriist to post as Qriist, Qriist must have shared a URL containing the SID. But what were the conditions that caused the SID to be present in the first place?
Given that the original post was about an issue that [i]clearly[/i] already has a Bug Report topic, I have moved this topic to Forum Issues to deal with the login token issue.
I would assume that the SID appearing in a URL is explicitly not "cookie token bs", but a mechanism intended to permit logins [i]without[/i] cookies.
In order for someone who is not Qriist to post as Qriist, Qriist must have shared a URL containing the SID. But what were the conditions that caused the SID to be present in the first place?