Hi!
I'm experiencing a weird issue when I try to login to either the manager page or to the front-end using the Login plugin. It seems like for some reason my PHPSESSID is being sent twice in the request header, and as a consequence it's not set in the response.
Here is my request header when I try to log in:
GET /manager/ HTTP/1.1
Host intranet.startjg.com
Cache-Control max-age=0
User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer
http://intranet.startjg.com/manager/
Accept-Encoding gzip,deflate,sdch
Accept-Language en-US,en;q=0.8
Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie modx_setup_language=en; PHPSESSID=vcpb9q3ggkdh16qmct0hhhtha7; __utma=242709853.134737707.1349103183.1350396711.1350406875.6; __utmc=242709853; __utmz=242709853.1349103183.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=5i50ihuprl9cv9f1on4ldm7dn2
I've cleared my cache and deleted all the cookies multiple times. And what really perplexes me is that it works in every other browser I tried.
On a site note: while investigating my request/response headers to try to figure out this problem I've seen that my login details are sent to the server unencrypted. Is this the default behaviour or is something wrong with my configuration? If it is intended, isn't this a possible security breach?
I hope someone can help me as this problem has bugged me for a while now. Let me know if you need some more information on the case.
Cheers.