View Issue Details

This bug affects 1 person(s).
 6
IDProjectCategoryView StatusLast Update
17790Bug reportsFile managerpublic2022-04-13 17:45
ReporterDenisChenu Assigned ToDenisChenu  
PrioritynoneSeverityminor 
Status closedResolutionfixed 
Product Version5.2.x 
Summary17790: KCFinder Image Browse Server not working due to incorrect cookieDomain
Description

When behind a proxy nothing happen when try to browse server, even if set csrfCookie with a valid domain

Steps To Reproduce

Steps to reproduce

Set a server with proxy host as proxy.example.org and final to final.example.org
Set your config like someting like this

     'session' => array (
        'sessionName'=>'LS-dqsdqsE',
        'cookieParams' => array(
            'domain' => "final.example.org",
        ),
     ),
    'request' => array(
        'csrfCookie' => array( 
            'domain' => 'final.example.org',
        ),
    ),

(Lime survey work without this , but not kcfinder)
Test
Expected result

Cookies was created and browse work

Actual result

Cookies was not created, browse doidn't work (and receive console error)

TagsNo tags attached.
Attached Files
Bug heat6
Complete LimeSurvey version number (& build)5.2.4+211129
I will donate to the project if issue is resolvedNo
Browserfirefox
Database type & versionnot relevant
Server OS (if known)not relevant
Webserver software & version (if known)not relevant
PHP Version7.4

Users monitoring this issue

operatorone

Activities

DenisChenu

DenisChenu

2021-12-09 18:40

developer   ~67752

Reason : we check if Yii::app()->getRequest()->csrfCookie->domain is set but : is never set

Yii::app()->getRequest()->csrfCookie is an array : https://www.yiiframework.com/doc/api/1.1/CHttpRequest#csrfCookie-detail

DenisChenu

DenisChenu

2021-12-09 18:44

developer   ~67753

Last edited: 2021-12-14 12:56

Think we can check https://www.yiiframework.com/doc/api/1.1/CHttpSession#setCookieParams-detail too

DenisChenu

DenisChenu

2021-12-09 19:18

developer   ~67754

Last edited: 2021-12-14 12:56

https://github.com/LimeSurvey/LimeSurvey/pull/2176

DenisChenu

DenisChenu

2021-12-29 11:03

developer   ~67871

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=33077

LimeBot

LimeBot

2022-01-05 09:30

administrator   ~67903

Fixed in Release 5.2.8+220103

DenisChenu

DenisChenu

2022-02-02 01:47

developer   ~68182

Fix committed to 3.x-LTS branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=33138

Related Changesets

LimeSurvey: master c23fbfd6

2021-12-29 11:03:52

DenisChenu


Committer: GitHub Details Diff
Fixed issue 17790: KCFinder Image Browse Server not working due to incorrect cookieDomain (#2176)

Dev: this need to set it in config.
Affected Issues
17790
mod - application/helpers/admin/htmleditor_helper.php Diff File

LimeSurvey: 3.x-LTS 8fa2388e

2022-02-02 01:47:35

DenisChenu


Committer: GitHub Details Diff
Fixed issue 17790: KCFinder Image Browse Server not working due to incorrect cookieDomain (#2212)

Dev: this need to set it in config.
Dev: but take config to fix KCFINDER cookieDomain
Affected Issues
17790
mod - application/helpers/admin/htmleditor_helper.php Diff File

Issue History

Date Modified Username Field Change
2021-12-09 18:39 DenisChenu New Issue
2021-12-09 18:39 DenisChenu File Added: Capture d’écran du 2021-12-09 18-38-09.png
2021-12-09 18:40 DenisChenu Note Added: 67752
2021-12-09 18:40 DenisChenu Bug heat 0 => 2
2021-12-09 18:40 DenisChenu Assigned To => DenisChenu
2021-12-09 18:40 DenisChenu Status new => assigned
2021-12-09 18:44 DenisChenu Note Added: 67753
2021-12-09 19:18 DenisChenu Assigned To DenisChenu => galads
2021-12-09 19:18 DenisChenu Status assigned => ready for testing
2021-12-09 19:18 DenisChenu Note Added: 67754
2021-12-14 12:55 galads Status ready for testing => acknowledged
2021-12-14 12:56 galads Zoho Project Synchronization => |Yes|
2021-12-16 12:57 galads Status acknowledged => confirmed
2021-12-16 12:59 galads Status confirmed => ready for testing
2021-12-29 11:03 DenisChenu Changeset attached => LimeSurvey master c23fbfd6
2021-12-29 11:03 DenisChenu Note Added: 67871
2021-12-29 11:03 DenisChenu Assigned To galads => DenisChenu
2021-12-29 11:03 DenisChenu Resolution open => fixed
2022-01-05 09:30 LimeBot Zoho Project Synchronization Yes => |Yes|
2022-01-05 09:30 LimeBot Note Added: 67903
2022-01-05 09:30 LimeBot Status ready for testing => closed
2022-01-05 09:30 LimeBot Bug heat 2 => 4
2022-02-02 01:47 DenisChenu Changeset attached => LimeSurvey 3.x-LTS 8fa2388e
2022-02-02 01:47 DenisChenu Note Added: 68182
2022-04-13 17:45 operatorone Issue Monitored: operatorone
2022-04-13 17:45 operatorone Bug heat 4 => 6