> >> I've run into an issue with session creation. A member of our staff > >> was testing one of our IC sites and she had a customers data > >> automatically pulled into her session. She clears her cache and > >> cookies daily. The steps she followed are: > >> <snip> > > > > Does she log into the Interchange admin? Edit orders or > > customer data? The > > default Interchange admin uses the same session that the > > storefront does, > > so information can leak that way for an admin user. (Customers would > > never see this.) > > > > You said above that "She clears her cache and cookies daily", > > but only > > daily gives plenty of time for session info leakage to happen. > > > > One way to narrow down the problem would be to have her use > > an entirely > > separate browser when using the admin vs. the customer-facing > > store. That > > is, use Firefox vs. Safari vs. IE, not just a separate window or tab. > > > > Jon > > I find this happens VERY frequently when simply using another tab (at least > within IE). I've only seen this within a new browser instance when still logged > into the admin. Of course, different browsers would not produce this. > > So, I guess I am just agreeing with Jon :-) > > Paul Jordan > > Gish Network > For Print, Web and Life > suppressed > Thanks for the replies Paul and Jon. Multiple tabs in Firefox causes the same problem for sure. I checked at the time, and she hadn't been doing that. I'll dig into the logs again and see if I missed anything. If anyone has any ideas or pointers it would be much appreciated. _______________________________________________ interchange-users mailing list suppressed http://www.icdevgroup.org/mailman/listinfo/interchange-users
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.