Environment: Piwik 0.4.3, Opera 10.00 (same problem with Firefox as not browser dependant)
Steps to reproduce: 1. Login to piwik 2. Select some non-anonymous site 3. Open piwik on another tab 4. Logout from piwik 5. Refresh piwik on first tab
(Usually I do have something like 50 tabs so exactly above sequence is not so uncommon)
Piwik do not show information (good thing!) but shows various error messages. For example flash graph shows
Open Flash Chart JSON Parse Error [Syntax Error] Error at character 0, line 1: 0: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">"
Other frames do show error message ("You can't access this resource as it requires a 'view' access for the website id = 2.") and login screen which is pretty funny (with dashboard there is pretty many small login screens).
Using any of those login screens logs user in but fails miserably: user is redirected to page with only contents of specific frame, without css.
Suggestions: piwik should check if user have permission to view site before showing dashboard. User should be redirected to login screen with error message (above "You can't access this resource as it requires a 'view' access for the website id = 2." is nice and informative enough). It would be nice if login screen redirects user back to original page.
In SVN, there are already changes: refreshing the first tab causes a redirect to the Login page; login page redirects to the referrer URL upon successful login. (Will be included in 0.4.4.)
The Open Flash Chart error message is a "wontfix" (can't fix) as it isn't an iframe, so we can't use frame busting code, or redirect to the login.
~~Might be able to tackle this in #804.~~
In , fixes #975 (refs #966) - redirect if ajax loaded section contains what appears to be the Login form