Cross identity session bug

Submitted by kreig on Fri, 05/18/2012 - 17:11

Issue ID:	3613
Issue Category:	bug
Component:	core
Priority:	critical
Status:	active
Assigned:	evan
Version:	1.0
Milestone:	2.0
Keywords:	crossuser, identica, session

On Identi.ca I logged as @kreig, my username, everything was ok, i closed the firefox tab to continue with my job, then restored it and suddenly @talishte's profile appeared as if I was logged in as if I was logged in as @talishte in the first place.

I used identica version to date, and I attach screenshot with the cookie information

Attachment	Size
identica-bug1.png	122.77 KB
identica-bug2.png	146.42 KB

Updates

#1

Submitted by Victor Orozco on Sat, 05/19/2012 - 00:59.

I recently suffered this bug, @kreig advised me than an update in my profile was generated at Guatemala altought I'm living now at Brazil, I'm part of the circle of friends that is experimenting the bug.

Also I reviewed the authorized applications and an unknow application with auth token 0e035e4 was there. I've revoked the unknown permission.

The update generated from Guatemala was also posted in my twitter account.

https://twitter.com/#!/tuxtor/status/203702595397754880

FTR, I'm using the portuguese version of status.net GUI

Attachment	Size
test.png	211.91 KB

You can also subscribe to the RSS feed for updates to this issue.

StatusNet Issue Tracker

Please search for duplicates before submitting a new issue!

We currently have

1516 open issues (3455 total)

Recent Issues

Empty Groups

shortener cut07.tk

tag #nsfw

[See all]

Open Source Users

Post an app, plugin or theme to the Add-on Directory New!
Submit a new issue, bug, or feature request