@anonymous-piwik-user opened this issue on September 3rd 2009

Environment: Piwik 0.4.3, Opera 10.00 (same problem with Firefox as not browser dependant)

Steps to reproduce: 1. Login to piwik 2. Select some non-anonymous site 3. Open piwik on another tab 4. Logout from piwik 5. Refresh piwik on first tab

(Usually I do have something like 50 tabs so exactly above sequence is not so uncommon)

Piwik do not show information (good thing!) but shows various error messages. For example flash graph shows

Open Flash Chart

JSON Parse Error [Syntax Error]
Error at character 0, line 1:

0: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">"

Other frames do show error message ("You can't access this resource as it requires a 'view' access for the website id = 2.") and login screen which is pretty funny (with dashboard there is pretty many small login screens).

Using any of those login screens logs user in but fails miserably: user is redirected to page with only contents of specific frame, without css.

Suggestions: piwik should check if user have permission to view site before showing dashboard. User should be redirected to login screen with error message (above "You can't access this resource as it requires a 'view' access for the website id = 2." is nice and informative enough). It would be nice if login screen redirects user back to original page.

@robocoder commented on September 4th 2009

In SVN, there are already changes: refreshing the first tab causes a redirect to the Login page; login page redirects to the referrer URL upon successful login. (Will be included in 0.4.4.)

The Open Flash Chart error message is a "wontfix" (can't fix) as it isn't an iframe, so we can't use frame busting code, or redirect to the login.

@robocoder commented on September 4th 2009

~~Might be able to tackle this in #804.~~

@robocoder commented on September 9th 2009

In [1463], fixes #975 (refs #966) - redirect if ajax loaded section contains what appears to be the Login form

This issue was closed on September 9th 2009
Powered by GitHub Issue Mirror