Commit a7a37db9 authored by Max Kanat-Alexander's avatar Max Kanat-Alexander

Bug 611891: Don't generate cookies for logins done over GET via the WebService

r=glob, a=mkanat
parent 41c2692f
......@@ -146,7 +146,12 @@ sub _handle_login_result {
my $fail_code = $result->{failure};
if (!$fail_code) {
if ($self->{_info_getter}->{successful}->requires_persistence) {
# We don't persist logins over GET requests in the WebService,
# because the persistance information can't be re-used again.
# (See Bugzilla::WebService::Server::JSONRPC for more info.)
if ($self->{_info_getter}->{successful}->requires_persistence
and !Bugzilla->request_cache->{auth_no_automatic_login})
{
$self->{_persister}->persist_login($user);
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment