From owner-freebsd-ports Mon Nov 12 14: 0:13 2001 Delivered-To: freebsd-ports@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 9F4D537B419 for ; Mon, 12 Nov 2001 14:00:02 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.4/8.11.4) id fACM02u31434; Mon, 12 Nov 2001 14:00:02 -0800 (PST) (envelope-from gnats) Received: from rooster.creighton.edu (rooster.creighton.edu [147.134.2.73]) by hub.freebsd.org (Postfix) with ESMTP id BF11137B405 for ; Mon, 12 Nov 2001 14:00:01 -0800 (PST) Received: by rooster.creighton.edu (Postfix, from userid 1000) id E3F4F62D02; Mon, 12 Nov 2001 15:59:54 -0600 (CST) Message-Id: <20011112215954.E3F4F62D02@rooster.creighton.edu> Date: Mon, 12 Nov 2001 15:59:54 -0600 (CST) From: Sean Kelly Reply-To: Sean Kelly To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.113 Subject: ports/31938: Broken cookie handling in lynx-ssl-2.8.4.1 Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 31938 >Category: ports >Synopsis: Broken cookie handling in lynx-ssl-2.8.4.1 >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Nov 12 14:00:02 PST 2001 >Closed-Date: >Last-Modified: >Originator: Sean Kelly >Release: FreeBSD 4.4-STABLE i386 >Organization: >Environment: System: FreeBSD rooster.creighton.edu 4.4-STABLE FreeBSD 4.4-STABLE #6: Mon Sep 24 17:13:26 CDT 2001 root@rooster.creighton.edu:/usr/obj/usr/src/sys/ROOSTER i386 >Description: Attempts to login to various websites (Slashdot, local campus site, etc) which have a login/password form which set a cookie and then redirect you to another page are failing. It appears that the browser is not telling the web server about the cookie after the redirect. >How-To-Repeat: Try to login to a user account at http://slashdot.org or some other site that uses a form to collect username/password, POSTs to a page which sets a cookie, and then redirects you to a new page which requires that the previously set cookie be present. >Fix: None known so far. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message