View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001457 | bugs.cacert.org | misc | public | 2019-01-27 14:46 | 2019-02-25 22:07 |
| Reporter | Ted | Assigned To | egal | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | new | Resolution | open | ||
| Summary | 0001457: Please increase session timeout on bugs.cacert.org | ||||
| Description | Hi, could the session timeout on bugs.cacert.org be increased? It looks like it is currently something around 15 or maybe 30 minutes. It is very frustrating when I try to write a comment, looking up some things to make sure I don't tell bullshit, just to have to start all over again because of a session timeout message. I'd ask for an absolute minimum of 1 hour for the timeout, but preferable it should be 4 or even 8 hours. | ||||
| Tags | No tags attached. | ||||
|
|
Hello Dirk, I do not know Mantis well enough to help here. Do you know how to increase the session timeout? |
|
|
This is an annoyance indeed. What happens to me fairly often is that I open a particular bug page in my browser, leave it there for a couple of hours while looking into the actual problem (and possibly get distracted by other stuff), then return to the open page and add a comment -- which fails due to the timeout, and all data entered is lost :-( Even with a much longer timeout one might run into this trap, the safest solution is to refresh the page in the browser before entering new data. But it's easy to forget ... |
|
|
I just changed the timeout-variable for mantis from 5 minutes to 30 minutes. Please verify, if the timeout is now extended ... we should then find a consens between security and comfortability ... |
|
|
Test, last action was 22:50 |
|
|
I just found out that the default refresh time seems to be set to 30 minutes. So, maybe setting the timeout to 35 minutes will prevent most of the incomfortabilities? At least I just set my refresh timeout to 10 minutes, so I should already be on the safe side... :-) BTW, what is the attack scenario which is prevented by a short timeout? It's hard to judge "security" without knowing what may happen... |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2019-01-27 14:46 | Ted | New Issue | |
| 2019-01-27 14:46 | Ted | Assigned To | => jandd |
| 2019-01-27 15:52 | jandd | Note Added: 0005756 | |
| 2019-01-27 15:52 | jandd | Assigned To | jandd => egal |
| 2019-01-30 07:58 | wytze | Note Added: 0005759 | |
| 2019-02-01 15:38 | egal | Note Added: 0005762 | |
| 2019-02-14 22:26 | Ted | Note Added: 0005773 | |
| 2019-02-25 22:07 | Ted | Note Added: 0005779 |
