0012438: "Your browser either does not know how to handle cookies, or refuses to handle them." when not using correct upper/lower case

ID	Project	Category	View Status	Date Submitted	Last Update
0012438	mantisbt	authentication	public	2010-10-11 09:42	2012-10-18 18:01

Reporter	KarlReichert	Assigned To	dhx
Priority	low	Severity	minor	Reproducibility	random
Status	closed	Resolution	no change required
Product Version	1.2.1

Summary	0012438: "Your browser either does not know how to handle cookies, or refuses to handle them." when not using correct upper/lower case
Description	I'm using WampServer Version 2.0 on Windows, together with Mantis 1.2.1, Apache 2.2.11, PHP 5.2.11 and MySQL 5.1.36 In the www folder, there is the folder Mantis When a user calls http://myserver/Mantis he can login and use MantisBT without any problems. However, if he is not using the correct upper case, but is using http://myserver/mantis (note the lowercase 'm'), he sometimes cannot login or even if he is logged in, he can do some stuff but after some time or actions, the Mantis login page is displayed with error: "Your browser either does not know how to handle cookies, or refuses to handle them." So I wonder, that the login page is displayed at all, because I thought, if using the wrong case, a "404: Page not found" error would be displayed. And furthermore, why is it working for some time but not at all?
Tags	No tags attached.

coolman 2011-02-23 03:40 reporter ~0028285	I fully second this issue. Running Mantis 2.1.4 on Ubuntu /Apache2 on hosted VPS. After typing username/password on the Mantis login page I get error: "Your browser either does not know how to handle cookies, or refuses to handle them." Issue can be replicated every time and for all browsers. Appreciate any help I can get to overcome this problem.

dhx 2011-02-25 21:34 reporter ~0028296	URLs are case sensitive on Linux (and other) platforms and therefore it is expected that /Mantis/ and /mantis/ paths are considered completely different installations. You should setup your web server so that /Mantis/ redirects to /mantis/ (Apache mod_rewrite perhaps?).

KarlReichert 2011-02-26 03:58 reporter ~0028298	dhx, you are right concerning Linux. However, I'm using a Windows server, which I think is case insensitive. Anyway, there is only 1 installation of Mantis on my server. So if /Mantis/ and /mantis/ directs to the same installation, then cookies shall work for both, too. So I think to fix this issue, either an invocation of the installation with path /mantis/ shall not be possible (MantisBT should print an error and not allow to login) or cookies shall work for both, /Mantis/ and /mantis/.

dhx 2011-02-26 04:06 reporter ~0028299	This isn't really a MantisBT problem - it extends to how browsers and web servers are designed to work. An installation at /Mantis/ doesn't know if a valid installation also exists at /mantis/ so we can't just block one of these paths. Browsers don't know whether the target web server has case sensitive path names and therefore assumes that paths are always case sensitive. The solution is what I suggested before - mod_rewrite (or equivalent) on the server side to translate paths of the wrong case sensitivity. This will occur prior to the web server handing off queries to the file system which doesn't care about case (unless you modify some registry settings to turn on file system case sensitivity for Windows).

JanHegewald 2012-06-01 02:25 reporter ~0031936	I did the following in httpd.conf: Redirect /mantis(.*) http://ip/Mantis$1 But if a user calls http://ip/mantis, he gets the error KarlReichert and coolman are talking about. Am I doing anything wrong with my Redirect directive?

dregad 2012-10-06 05:44 developer ~0033056	Based on dhx's feedback, this is not a MantisBT issue. As mod_rewrite is not supported from this tracker, I'm resolving this issue as 'no change required'

View Issue Details

Activities