In-Portal Issue Tracker

Welcome to the In-Portal Open Source CMS Issue Tracker! This is a central management / tracking tool for all types of tasks / issues / bugs for the In-Portal Project. Before reporting any issues, please make sure to read the Guide into Issue Tracker and How to Properly Test and Report Bugs!

Viewing Issue Advanced Details Jump to Notes ] Wiki ]  Related Changesets ] View Simple ] Issue History ] Print ]
ID Category Type Reproducibility Date Submitted Last Update
0000095 [In-Portal CMS] Other feature request always 2009-06-18 00:19 2010-07-22 15:06
Reporter Dmitry View Status public Project Name In-Portal CMS
Assigned To alex Developer
Priority normal Resolution fixed Platform
Status closed   OS
  OS Version
ETA none Fixed in Version 5.1.0-B1 Product Version
  Target Version 5.1.0 Product Build
Time EstimateNo estimate
Summary 0000095: Support for Multi-Domain Installation
Description In order to fully support multi-domain installation we need to rework and improve cookie domain detection.

Currently $_SERVER['HTTP_HOST'] is used as cookie domain, however there are cases when you can't fully rely on this especially in cases with single installation running on multiple Domains.

Example: demo.in-portal.net, demo.in-portal.com, www.in-portal.org, in-portal.org

Proposing:

a. Add new configuration variable: CustomCookieDomains where administrator can list all domain names (one per line) on which In-Portal matches domain from $_SERVER['HTTP_HOST']. User must enter exact cookie domain (with all leading dots if any).

b. New variable will be placed in Admin->Configuration->Website->Advanced: Cookie Settings section and will be disabled/empty by default so it works as they are now.

When
- nothing is entered into CustomCookieDomains variable
- when none of entered cookie domains will match domain from $_SERVER['HTTP_HOST']

and $_SERVER['HTTP_HOST'] consists of 3 parts (e.g. "www.domain.com" or "ftp.domain.com"), then we automatically detect cookie domain as ".domain.com" (last 2 parts).

In case, when $_SERVER['HTTP_HOST'] consists of more, then 3 parts, then use $_SERVER['HTTP_HOST'] as cookie domain.

When cookie domains from configuration variable are matched, then leading dot should be stripped (only when matching).

domain.com
sub.domain.com
www.domain.com
will match to "domain.com"
Steps To Reproduce
Additional Information
Tags No tags attached.
Reference https://in-business.intechnic.com/?20325
Change Log Message Improved Cookie-Domain detection mechanism
Estimate Points 0
Attached Files patch file icon infinite_redirect_with_cookies.patch [^] (5,923 bytes) 2010-02-03 12:08 [Show Content]
patch file icon infinite_redirect_with_cookies_v2.patch [^] (6,647 bytes) 2010-05-01 12:02 [Show Content]
patch file icon infinite_redirect_with_cookies_v3.patch [^] (6,795 bytes) 2010-05-05 02:42 [Show Content]
patch file icon infinite_redirect_with_cookies_modules.patch [^] (610 bytes) 2010-05-05 02:42 [Show Content]

- Relationships Relation Graph ] Dependency Graph ]
related to 0000472closed (5.1.0)alex Domain-based site auto-configuration 

-  Notes
User avatar (0001450)
Dmitry (manager)
2010-02-02 10:59
edited on: 2010-02-02 11:00

Reminder sent to: alex

For now we are making this as Global setting and NOT relating to task:

0000472 Domain-based site auto-configuration

User avatar (0001460)
alex (manager)
2010-02-03 15:25

Here is test plan (use is before and after patch is applied):

Domain A: http://www.domain.com/admin
Domain B: http://domain.com/admin

1. Delete "adm_sid" and "adm_sid_live" cookies on both domains (before visiting them !!!)
2. Visit A domain
3. Visit B domain
4. At this point we will have cookie named "adm_sid" on both domains with different values
5. Login on A domain
6. Login on B domain
7. Logout on A domain (witness, that you have still logged-in, but using user from B domain and "adm_sid" cookie is same for both domains)
8. Logout again on A domain (witness infinite redirect)
User avatar (0001525)
alex (manager)
2010-03-09 09:08

TODO: need to cache _autoGuessDomain function result (locally in static variable), because when SessionCookieDomains configuration variable is empty, then this method is called every time, when cookie is set.
User avatar (0002027)
Dmitry (manager)
2010-04-28 11:34

Please reassemble.
User avatar (0002036)
alex (manager)
2010-05-01 12:02

Re-assembled.
User avatar (0002049)
Dmitry (manager)
2010-05-02 13:36

Tested good.
User avatar (0002050)
Dmitry (manager)
2010-05-02 14:21

Please use NEW Cookie name instead of current in configuration.

Add "in_" prefix during installation or upgrade.
User avatar (0002060)
alex (manager)
2010-05-05 02:45

I didn't add "in_" prefix to all cookies, since we need to add "in_" in all places, where that cookie value is read via $this->Application->GetVar('cookie_get_name'); and we can't guess if we are retrieving cookie or not.

That's why I added code, that will delete cookie from all other domains in all cases, not only during installation.

This will work, since we are not setting cookie every day.
User avatar (0002062)
Dmitry (manager)
2010-05-05 08:50

Seems to be working good, please commit
User avatar (0002066)
alex (manager)
2010-05-05 11:26

Fix committed to 5.1.x branch. Commit Message:

Fixes 0000095: Support for Multi-Domain Installation
User avatar (0002531)
alex (manager)
2010-07-22 15:06

Closing, since 5.1.0 release has been released.

- Related Changesets
In-Portal CMS: 5.1.x r13492
Timestamp: 2010-05-05 11:26:34
Author: alex
Details ] Diff ]
Fixes 0000095: Support for Multi-Domain Installation
mod - /in-portal/branches/5.1.x/core/install/english.lang Diff ] File ]
mod - /in-portal/branches/5.1.x/core/install/install_data.sql Diff ] File ]
mod - /in-portal/branches/5.1.x/core/install/upgrades.sql Diff ] File ]
mod - /in-portal/branches/5.1.x/core/kernel/session/session.php Diff ] File ]
mod - /in-portal/branches/5.1.x/core/kernel/utility/unit_config_reader.php Diff ] File ]
Modules :: In-Commerce: 5.1.x r13491
Timestamp: 2010-05-05 11:24:03
Author: alex
Details ] Diff ]
Bug 0000095: Support for Multi-Domain Installation
mod - /w/in-commerce/branches/5.1.x/units/affiliates/affiliates_event_handler.php Diff ] File ]

- Issue History
Date Modified Username Field Change
2010-10-10 10:20 alex Relationship added related to 0000472
2010-07-22 15:06 alex Note Added: 0002531
2010-07-22 15:06 alex Status resolved => closed
2010-05-05 11:26 alex Note Added: 0002066
2010-05-05 11:26 alex Status reviewed and tested => resolved
2010-05-05 11:26 alex Fixed in Version => 5.1.0-B1
2010-05-05 11:26 alex Resolution open => fixed
2010-05-05 11:26 alex Changeset attached 5.1.x r13492
2010-05-05 11:24 alex Changeset attached 5.1.x r13491
2010-05-05 08:50 Dmitry Note Added: 0002062
2010-05-05 08:50 Dmitry Assigned To !COMMUNITY => alex
2010-05-05 08:50 Dmitry Status needs testing => reviewed and tested
2010-05-05 02:45 alex Note Added: 0002060
2010-05-05 02:45 alex Assigned To alex => !COMMUNITY
2010-05-05 02:45 alex Status needs work => needs testing
2010-05-05 02:42 alex File Added: infinite_redirect_with_cookies_modules.patch
2010-05-05 02:42 alex File Added: infinite_redirect_with_cookies_v3.patch
2010-05-02 14:21 Dmitry Note Added: 0002050
2010-05-02 14:21 Dmitry Status reviewed and tested => needs work
2010-05-02 13:36 Dmitry Note Added: 0002049
2010-05-02 13:36 Dmitry Assigned To !COMMUNITY => alex
2010-05-02 13:36 Dmitry Status needs testing => reviewed and tested
2010-05-01 12:02 alex Note Added: 0002036
2010-05-01 12:02 alex Assigned To alex => !COMMUNITY
2010-05-01 12:02 alex Status needs work => needs testing
2010-05-01 12:02 alex File Added: infinite_redirect_with_cookies_v2.patch
2010-04-28 11:39 Dmitry Change Log Message => Improved Cookie-Domain detection mechanism
2010-04-28 11:34 Dmitry Note Added: 0002027
2010-04-28 11:34 Dmitry Assigned To !COMMUNITY => alex
2010-04-28 11:34 Dmitry Status needs testing => needs work
2010-03-09 09:08 alex Note Added: 0001525
2010-02-27 04:24 alex Developer => alex
2010-02-03 15:25 alex Note Added: 0001460
2010-02-03 12:08 alex Time Estimate Removed 5 =>
2010-02-03 12:08 alex Assigned To alex => !COMMUNITY
2010-02-03 12:08 alex Status needs work => needs testing
2010-02-03 12:08 alex File Added: infinite_redirect_with_cookies.patch
2010-02-02 11:00 Dmitry Note Edited: 0001450 View Revisions
2010-02-02 10:59 Dmitry Note Added: 0001450
2010-01-12 11:32 alex Time Estimate Added 5
2010-01-12 11:32 alex Status active => needs work
2009-10-03 07:54 administrator Status reviewed and tested => active
2009-08-09 03:27 alex Status needs testing => reviewed and tested
2009-06-19 05:37 alex Reference => https://in-business.intechnic.com/?20325
2009-06-18 23:42 Dmitry Status needs work => needs testing
2009-06-18 23:42 Dmitry Target Version => 5.1.0
2009-06-18 16:00 Dmitry Summary Support for multi-domain Installation => Support for Multi-Domain Installation
2009-06-18 15:46 alex Description Updated View Revisions
2009-06-18 15:35 alex Note Deleted: 0000090
2009-06-18 15:30 alex Description Updated View Revisions
2009-06-18 15:05 alex Note Added: 0000090
2009-06-18 15:03 alex Description Updated View Revisions
2009-06-18 15:03 alex Description Updated View Revisions
2009-06-18 14:43 alex Status needs feedback => needs work
2009-06-18 00:20 Dmitry Summary Support for multi-domain Installations => Support for multi-domain Installation
2009-06-18 00:19 Dmitry Assigned To => alex
2009-06-18 00:19 Dmitry Status active => needs feedback
2009-06-18 00:19 Dmitry New Issue



Web Development by Intechnic
In-Portal Open Source CMS
In-Portal Open Source CMS
Copyright © 2000 - 2009 MantisBT Group

Powered by Mantis Bugtracker