-
Bug
-
Resolution: Won't Fix
-
Critical
-
None
-
None
-
None
-
4.4 RC3
How to reproduce
- https://www.ametys.org/_plugins/mobileapp/1/mobileapp/get-feeds-content-items?token= with the token
In the response I get the JSESSIONID - do a get on the first image, for example : https://www.ametys.org/mobileapp/_contents-images/ametys-internal%253Asites/mobileapp/ametys-internal%253Acontents/huius-ego-nunc-auctoritatem-actualite/_metadata/illustration/image_crop128x128/Eau_banquise1.jpg?objectId=defaultWebContent://72c067b3-ca33-471c-9683-7465dfb188bf
When you look at the requests in the browser there are 3 requests - first contains the cookie sent by the browser but ametys answer 302
- request to do the authentification
- request to get the image finally
We should not have these 3 requests, the first one should be enough.
[MOBILEAPP-25] Session is created but the user seems to be not authentified
It seems to happen when the calls are made to a site, but the contents comes from another one.
Adding the token to the url of the images/pages can avoid the redirection to the authentication page (that will notice the connection on another site and then redirect to the image)
The mobileapp will add the token in the urls to avoid those redirections.