Skip to content
Snippets Groups Projects
Commit 7d34a11c authored by Lloyd Hilaiel's avatar Lloyd Hilaiel
Browse files

vary session cookie name by public_url when public_url is not browserid.org -...

vary session cookie name by public_url when public_url is not browserid.org - this addresses issues which affect testing with IE when cookies are set for both, diresworb.org and dev.diresworb.org.  closes #296.
parent 68ec8cc1
No related branches found
No related tags found
No related merge requests found
......@@ -38,7 +38,18 @@ var abide = i18n.abide({
});
const COOKIE_SECRET = secrets.hydrateSecret('browserid_cookie', config.get('var_path'));
const COOKIE_KEY = 'browserid_state';
var COOKIE_KEY = 'browserid_state';
// to support testing of browserid, we'll add a hash fragment to the cookie name for
// sites other than browserid.org. This is to address a bug in IE, see issue #296
if (config.get('public_url').indexOf('https://browserid.org') !== 0) {
const crypto = require('crypto');
var hash = crypto.createHash('md5');
hash.update(config.get('public_url'));
COOKIE_KEY += "_" + hash.digest('hex').slice(0, 6);
}
logger.info('session cookie name is: ' + COOKIE_KEY);
function clearAuthenticatedUser(session) {
session.reset(['csrf']);
......
......@@ -52,7 +52,7 @@ suite.addBatch({
wsapi.clearCookies();
// mess up the cookie
var the_match = first_cookie.match(/browserid_state=([^;]*);/);
var the_match = first_cookie.match(/browserid_state(?:_[a-z0-9]+)?=([^;]*);/);
assert.isNotNull(the_match);
var new_cookie_val = the_match[1].substring(0, the_match[1].length - 1);
wsapi.injectCookies({browserid_state: new_cookie_val});
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment