| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 17790 | Bug reports | File manager | public | 2021-12-09 18:39 | 2022-04-13 17:45 |
| Reporter | DenisChenu | Assigned To | DenisChenu | ||
| Priority | none | Severity | minor | ||
| Status | closed | Resolution | fixed | ||
| Product Version | 5.2.x | ||||
| Summary | 17790: KCFinder Image Browse Server not working due to incorrect cookieDomain | ||||
| Description | When behind a proxy nothing happen when try to browse server, even if set csrfCookie with a valid domain | ||||
| Steps To Reproduce | Steps to reproduceSet a server with proxy host as proxy.example.org and final to final.example.org (Lime survey work without this , but not kcfinder)
| ||||
| Tags | No tags attached. | ||||
| Bug heat | 6 | ||||
| Complete LimeSurvey version number (& build) | 5.2.4+211129 | ||||
| I will donate to the project if issue is resolved | No | ||||
| Browser | firefox | ||||
| Database type & version | not relevant | ||||
| Server OS (if known) | not relevant | ||||
| Webserver software & version (if known) | not relevant | ||||
| PHP Version | 7.4 | ||||
 |
Reason : we check if Yii::app()->getRequest()->csrfCookie->domain is set but : is never set Yii::app()->getRequest()->csrfCookie is an array : https://www.yiiframework.com/doc/api/1.1/CHttpRequest#csrfCookie-detail |
|
|
Think we can check https://www.yiiframework.com/doc/api/1.1/CHttpSession#setCookieParams-detail too |
|
|
|
|
|
Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=33077 |
 |
Fixed in Release 5.2.8+220103 |
|
|
Fix committed to 3.x-LTS branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=33138 |
