[Django] #35895: Password reset does not work using Safari
4 views
Skip to first unread message
Django
Nov 7, 2024, 5:05:01 AM11/7/24
to django-...@googlegroups.com
#35895: Password reset does not work using Safari
-------------------------------------+-------------------------------------
Reporter: christian-thieme | Type: Bug
Status: new | Component:
| contrib.auth
Version: 5.1 | Severity: Normal
Keywords: password reset | Triage Stage:
safari | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
The password reset functionionality from django.contrib.auth.views do not
work with the latest Safari browser.
After submitting the password reset form and receiving the email, the
password reset link is invalid.
Works using Chrome or Firefox.
Verified by multiple users.
Tested on MacOS 15.0.1 and iOS 18.01.
--
Ticket URL: <https://code.djangoproject.com/ticket/35895>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
-------------------------------------+-------------------------------------
Reporter: christian-thieme | Type: Bug
Status: new | Component:
| contrib.auth
Version: 5.1 | Severity: Normal
Keywords: password reset | Triage Stage:
safari | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
The password reset functionionality from django.contrib.auth.views do not
work with the latest Safari browser.
After submitting the password reset form and receiving the email, the
password reset link is invalid.
Works using Chrome or Firefox.
Verified by multiple users.
Tested on MacOS 15.0.1 and iOS 18.01.
--
Ticket URL: <https://code.djangoproject.com/ticket/35895>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
Django
Nov 7, 2024, 5:23:38 AM11/7/24
to django-...@googlegroups.com
#35895: Password reset does not work using Safari
-------------------------------------+-------------------------------------
Reporter: Christian Thieme | Owner: (none)
-------------------------------------+-------------------------------------
Type: Bug | Status: new
Component: contrib.auth | Version: 5.1
Severity: Normal | Resolution:
Component: contrib.auth | Version: 5.1
Keywords: password reset | Triage Stage:
safari | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Christian Thieme):
safari | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
It seems this problem only occurs when using a second level sub domain.
We have a service with a domain like app.example.com, here it works as
expected.
Additionally we host the same django project on a demo site with a domain
like app.demo.example.com.
The problem only occurs at the demo site.
--
Ticket URL: <https://code.djangoproject.com/ticket/35895#comment:1>
Django
Nov 7, 2024, 6:14:37 AM11/7/24
to django-...@googlegroups.com
#35895: Password reset does not work using Safari
-------------------------------------+-------------------------------------
Reporter: Christian Thieme | Owner: (none)
Type: Bug | Status: closed
-------------------------------------+-------------------------------------
Reporter: Christian Thieme | Owner: (none)
Component: contrib.auth | Version: 5.1
Severity: Normal | Resolution: invalid
Keywords: password reset | Triage Stage:
safari | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Christian Thieme):
safari | Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
* resolution: => invalid
* status: new => closed
Comment:
I could solve it by setting SESSION_COOKIE_SECURE and CSRF_COOKIE_SECURE
to True
--
Ticket URL: <https://code.djangoproject.com/ticket/35895#comment:2>
Reply all
Reply to author
Forward
0 new messages