Open jaimalsumbria opened 11 months ago
This is an interesting problem. I suppose the other tabs are not aware that the cookie has been deleted and keep using it.
I think the proper way to solve this is to generate a random token that we exchange for the password which lets us invalidate it.
Is there an existing issue for this?
OS/Web Information
code-server --version
:Steps to Reproduce
Code-server version 4.13.0.
Expected
It shouldn't allows changes to be made in files opened in different tab after logging out from any of the tabs.
Actual
Code-server version 4.13.0. It allows changes to be made in files opened in different tabs even after logging out from one tab. The logout action is effective only if we refresh the new tab; otherwise, code-server remains (semi-) logged in for that tab.
Logs
No response
Screenshot/Video
No response
Does this issue happen in VS Code or GitHub Codespaces?
Are you accessing code-server over HTTPS?
Notes
I am using https but not built-in, I am proxying through NGINX.