Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

users behind proxy server seeing mixed userids and inboxes

sashaesashae New
edited July 2011 in Vanilla 2.0 - 2.8
I've gotten a couple of reports from users on my site (running 2.0.18b2) that work in the same office that they've seen instances where their userid/posting identity will get "flipped" -- ie, UserA will hit my site to post, and will post as UserB.

UserB will be able to click on her inbox, and see messages/old whispers from UserA.

This hasn't been reported by any other users, so I strongly suspect it's related to their being behind a proxy server (of some type, they don't know what) in their office.

Any ideas what would cause this, or how to solve it?


  • Options
    Reported by another 2 users, also working in the same office.

    UserIDs get mixed up, Inbox threads are visible to other users (but permission denied is given if the user attempts to click on a thread.) This is definitely problematic -- is there something being done that caches user display based on IP?
  • Options
    lucluc ✭✭
    It might just be the proxy doing some silly things.

    Could you update to the latest unstable? I saw a commit about caching (stuff set to tell proxies not to cache certain things).
    It will surely help.
  • Options
    Fixed the problem for one pair of users, but not for another.
Sign In or Register to comment.