On Wed, 09 Nov 2011 15:26:07 -0800, Brion Vibber wrote:
On Wed, Nov 9, 2011 at 2:50 PM, Dan Nessett dnessett@yahoo.com wrote:
What problems remain other than the ones I noted previously as being known problems or expected behavior?
Documented in the bug report (comment 4).
Ok so to confirm:
- This is primarily about the bug we told you should be fixed by the
session security fix in 1.16.5 if it's happening to you * You can't reproduce it on 1.16.5, but also can't reproduce it on 1.16.2 anymore?
- You're trying to reproduce it exactly on 1.16.2 so you personally can
confirm it is indeed fixed in 1.16.5
- The loads of details about session info and behavior are just for you
to log what's going on so you can identify the bug when you see it, and don't indicate any new issues.
I've changed the summary on the bug to indicate that it's an old bug believed to be fixed in 1.16.5, and not something new or remaining that would require additional fixes.
-- brion
That is a fair summary with some minor corrections.
+ The problem originally documented occurred on two of our wikis. The evidence of it exists in their recent changes logs. However, I have been unable to develop a procedure that will reliably reproduce the error. It only occurs intermittently on the live wikis running 1.16.2. I moved one of those wikis to 1.16.5 and so far the problem has not reoccurred.
+ I have been able to develop procedures that demonstrate other problems with session management on 1.16.2, but so far those procedures do not show a problem on 1.16.5. Since these problems arise intermittently, this does not demonstrate categorically the absence of the problems on 1.16.5. So, while it is probably safe to assume 1.16.5 fixes these problems, I cannot state that with 100% certainty.
+ I am trying to reproduce the original problem exactly on 1.16.2 not just for me personally. Documenting a procedure that reproduces the problem helps others who run up against a session related problem to determine if it is the same problem described in this bug ticket. So, the detail is intended to help not only me, but others who run wikis experiencing session management problems.
+ The ticket does indicate at least on new problems that probably requires attention. Specifically, when a session times out and the user accesses the wiki, the login status is incorrectly shown at the top of the page until a additional page access (e.g., after a browser refresh). I believe you have described how this problem might be solved.
Dan