[JC-1711] User can steal session to use the same captcha for registration - JTalks JIRA

Voters

Watchers

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 2.4 Larks
Fix Version/s: 2.4 Larks
Labels:
None
Environment:

Firefox, Opera, IE, Chrome (latest versions)

Sprint:
2.4 Larks

Description

Precondition:

User should be logged out

Test scenario:

Right click on "Sign Up" -> select "открыть в новой вкладке"
Registration form opened in a new page
Repeat first step: right click on "Sign Up" -> select "открыть в новой вкладке" to open a new page with registration form
Fill out the registration form at the first opened page, with correct Username, Mail, Password and captcha text.
Press Sign Up button and receive a message about successful registration
Open second registration page and fill it with other(different) correct Username, Mail, Password
Use the captcha text from previous registration
Press Sign Up button

AR: Message about successful registration received, user is registered
ER: User should received a warning message under captcha text field about wrong text. User couldn't use the same captcha text for different registrations in one session

Attachments

Issue Links

relates to

QA-1875 Check out a possibility to register with captcha value opened in new tab

Open

JC-2076 Possibility to registration with captcha value opened in another tab

Closed

links to

post

Structure

Activity

People

Assignee:

Pavel Gradobik

Reporter:

Pavel Gradobik

Votes:

0 Vote for this issue

Watchers:

4 Start watching this issue

Dates

Created:

18/Dec/13 10:19 PM

Updated:

09/Jan/15 1:50 AM

Resolved:

06/Jan/14 4:32 PM

Time Tracking

Estimated:

Not Specified

Remaining:

Logged: