Clean up session files in compile run
During the compile run, certain / most caches are rebuilt. If an account is currently logged in, it won't be able to access restricted resources after a compile run because the session cookie doesn't have corresponding information in FLOW3 anymore. In this case the user will experience an Access Denied exception (not a nice experience).
If the PHP session data would be trashed during the compile run, the user would get a fresh session cookie on the next hit and instead of the Access Denied would be redirected to an authentication entry point due to a AuthenticationRequiredException.
- Category changed from Security to Session
would be nice to be fixed, though no blocker.
- Target version changed from 1.0 beta 1 to 1.0 beta 2
- Target version changed from 1.0 beta 2 to 1.0.0
- Target version deleted (
- Target version set to 1.0.1
- Has patch set to No
- Target version changed from 1.0.1 to 1.0.2
- Target version changed from 1.0.2 to 1.0.3
- Target version changed from 1.0.3 to 1.0.4
- Status changed from New to Accepted
- Assignee set to Christian Müller
- Status changed from Accepted to Under Review
- Target version changed from 1.0.4 to 1.1
- Target version changed from 1.1 to 1.1 beta 1
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Also available in: Atom