#1758 closed defect (worksforme)
When logged in admin I got a 'user tampered with session cookie' exception.
Reported by: | Owned by: | Adrian Holovaty | |
---|---|---|---|
Component: | contrib.admin | Version: | dev |
Severity: | normal | Keywords: | |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
I was logged into my admin continuously without using it for about an hour. When I finally got back to the admin panel I got a 'User Tampered With Session Cookie'. Clearing cookies fixed the problem.
Change History (7)
comment:1 by , 19 years ago
Resolution: | → invalid |
---|---|
Status: | new → closed |
comment:2 by , 18 years ago
Resolution: | invalid |
---|---|
Status: | closed → reopened |
Version: | magic-removal → 0.91 |
I got this when my sysadmin updated apache. Same thing happened on the admin page. The only change was apache. I had to fix it by getting rid of the checks in django, which is very very bad. I do not know what else to do.
comment:3 by , 18 years ago
In response to the last comment: did this happen repeatedly after the Apache upgrade? Even after clearing cookies in your browser? If so, that is a problem.
But if it just happened the once and then clearing cookies fixed it, that isn't a Django problem. It just means that something major like upgrading Apache might require logging in again. That isn't a common occurrence and not really worth working around (or even possible to do so).
comment:4 by , 18 years ago
Resolution: | → worksforme |
---|---|
Status: | reopened → closed |
Closing. See previous comment.
comment:5 by , 18 years ago
Version: | 0.91 → SVN |
---|
I have the same problem. Clearing cookies doesn't fix this problem. What can I do?
comment:6 by , 18 years ago
I can get this message by logging into the admin system then modifying the SECRET_KEY setting in settings.py.
Clearing the cookie definitely works in this case (using Firefox 2.0.0.1)
comment:7 by , 18 years ago
I can reproduce this problem, although it seems not to be a django problem:
i use mod_python to run django in an apache web server. There is also php4 installed as module on the same server.
If i disable the php4 module, django works with mod_python. When the php module is enabled again, the same error persists.
Without more details I can't reproduce this; there's quite a bit of stuff (proxies, IP changes, changes to your code...) that could have triggered the message.