>> We're implementing a new Intranet and in the spec it
>> requires web-based applications to run within a framed environment
whenever
>> possible. Basically all our tools are in a list framed on the left and
when
>> clicked they load in a frame on the right.
>>
>> I've been able to get OTRS to load in the frame and all was fine until
>> today. It appears that anytime we click a message in the message thread
view
>> (something historical), OTRS logs us out. This only occurs on those links
>> and the rest of the app runs fine in the frames.
>>
>> Take OTRS out of the frame and the message history links behave as they
>> should.

>I tryed to reproduce it. I created an frame html page ... and OTRS works
fine
>in this frame (zoom, message threads, historry, ...).

>If you can reproduce it, create an bug report on http:/bugs.otrs.org/ with
>your html frame page to repeoduce the error.

Here's what I've seen. Not sure if this is a bug or not yet, so I'll keep it
on the list until otherwise. This is on IE 6 if that even matters. It
appears OTRS behaves differently depending on if it is loaded into a frame
or not and possibly if the frames are loaded from different domains/ips.

I'll explain.

Open OTRS non-framed and log in. Go to a case thread, view the source or the
link properties. It will appear something like this:

otrs/index.pl?TicketID=447&QueueID=0&Action=AgentZoom&ArticleID=4357#4357

notice there is no Session ID in the link. All other links appear this way
as well.

Now create a left/right frameset with the left frame having a link to
/otrs/index.pl and the right a blank page. Click the link to load OTRS in
the right and login.

On our systems we see all links are appended with the Session ID. This is
fine for all links on the page except for navigating the message thread. It
appears that maybe the practice is to append the Session to the end of the
link. That's a problem because you end up with something like this...

otrs/index.pl?TicketID=447&QueueID=0&Action=AgentZoom&ArticleID=4357#4357&Se
ssion=blahblah

The session is appended to the anchor, so when you click it, the session is
lost to otrs and it appears you are not logged in properly. I've presently
removed the anchor code to get us around the issue, that's why my example
url is a bit off :)

One more thing. Our intranet is mixed. The left frame and frameset comes
from one machine/ip while otrs comes from another. Not sure if that mixed ip
deal is doing something to the session cookies or not.

Charles


_______________________________________________
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
Support oder Consulting für Ihr OTRS System?
=> http://www.otrs.de/

Reply via email to