tarex
commented
9 years ago Related to #1006 custom message will be "Your session has expired. Please login to continue."
Closed tarex closed 9 years ago
tarex
commented
9 years ago Related to #1006 custom message will be "Your session has expired. Please login to continue."
UnspeakableHorror
commented
9 years ago Actually there's an expire url that can be used for this, do you need to send custom messages there?
UnspeakableHorror
commented
9 years ago @tarex
tarex
commented
9 years ago sure , custom message will be helpful for the future work too .
UnspeakableHorror
commented
9 years ago The page requires a < h1> so you'll have to send that as well.
tarex
commented
9 years ago how can i send the tag ? i was thinking to send the message form the url .
tarex
commented
9 years ago like logout?reason="here is the reason"
UnspeakableHorror
commented
9 years ago You mean as a request parameter?
?title=some title&message=some message
UnspeakableHorror
commented
9 years ago Yes.
tarex
commented
9 years ago yes
tylerbenson
commented
9 years ago I'm actually not a huge fan of allowing arbitrary messages to be passed in via the URL parameter. That's just begging for a XSS vulnerability. Can't we just hardcore the error messages in the page like we did previously?
UnspeakableHorror
commented
9 years ago Yes.
the url should accept some param and show it to the login page as the reason for logout .