Nonce::verifyNonce() returning FALSE when it should not #16057

Bug 3.14.0
@luismsgomes opened this Issue on June 11th 2020 Contributor

Configuration seems OK to me.

Debugging Nonce::verifyNonce() I noticed:

  1. self::getOrigin(); returns 'https://somedomain.org:443'
  2. self::getAcceptableOrigins() returns array('http://somedomain.org', 'https://somedomain.org')

Thus, the returned origin is not found in the acceptable origins array.

Note the missing ports in the acceptable origins.

Matomo version 3.13.6.

This Issue was closed on June 24th 2020
Home | Back
Powered by GitHub Issue Mirror
Privacy Policy