PHP SESSION issues with Chrome
|Reported by:||aternus||Owned by:|
After a long time of breaking my head on why SESSIONs were broken with Chrome, I've found a solution.
Wordpress rewrite doesn't report 404 properly for a missing favicon (more elements might be involved).
Plugin generates CAPTCHA and stores the value inside the $_SESSION array.
Because of the missing 404 header/wrong rewrite rules, Chrome makes several requests resulting in CAPTCHA being refreshed without user input submit.
Send 404 header for missing files.
Change History (4)
- Keywords close added; has-patch needs-testing removed
- Severity changed from critical to normal
- Version changed from 3.3.1 to 3.0