Project

General

Profile

Actions

Task #89877

closed

Cookie "lastLoginProvider" appears to serve no true purpose

Added by Claus Due almost 5 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Could have
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
2019-12-06
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
10
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

In the ongoing pursuit of making TYPO3's anonymous requests cookie free, I reviewed the cookies used by the authentication system and found that "lastLoginProvider" does not appear to have a true purpose:

  • The parameter is transferred as URI parameter as well
  • The cookie is used as a shortcut alternative to resolving the login provider anew

In my opinion the cookie can be removed.


Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Bug #90568: BE user cookie set regardless of sessionClosedMarkus Klein2020-02-28

Actions
Actions

Also available in: Atom PDF