CMS MADE SIMPLE FORGE

CMS Made Simple Core

 
Back Back to List

[#12345] More user friendly admin session handling

avatar
Created By: Ruud van der Velden (ruudvdvelden)
Date Submitted: 2020-08-04 15:35

Assigned To: Ruud van der Velden (ruudvdvelden)
Resolution: Accepted
State: Open
Summary:
More user friendly admin session handling
Detailed Description:
Currently when an logged in admin used browses to an admin page without a
userkey in the get or post params, the running session will be invalidated
immediately.

Consider implementing a way which won't invalidate the session but gives a few
options to the user. E.g.:
- continue using the running session
- cancel the request
- close the running session and start a new one
- ...

All requests that are a risk considering csrf should require user interaction.

History

Comments
avatar 
Date: 2020-09-04 11:46
Posted By: Ruud van der Velden (ruudvdvelden)

partly implemented in SVN (2.2.15)
Updates

Updated: 2020-09-04 11:46
resolution_id: => 6
assigned_to_id: 100 => 18365