JavaUpload: "^SUCCESS$" was not found in the response header

[m701]

Hi all,
i had the same error. Cause is the (useful !!!) php-setting "session.cookie_httponly = On". This setting marks the session-cookie as accessible only through the HTTP protocol.

Solution 1: Set session.cookie_httponly = 0 in /etc/php5/apache2/php.ini. Restart apache.

or better

Solution 2: Add
<param name="readCookieFromNavigator" value="false">
<param name="specificHeaders" value="Cookie: <?php echo $this->session->getName().'='.$this->session->getId();?>">
in ./administrator/components/com_phocagallery/views/phocagallerym/tmpl/form_javaupload.php after line 35 and after line 18.

Systemdata: Suse-Linux 10.3, Apache/2.2.4, PHP 5.2.11, Joomla 1.5.15, Phoca_Gallery 2.5.8

Best regards
Günter

[Jan]

Hi, thank you for this information.

Jan

[m701]

Hi, can i hope that solution 2 will be considered in the next version?

[Jan]

Hi, I will take a look at it (2), but it seems this solution can be security problem for the site

[m701]

Solution 1 could be a problem, because session.cookie_httponly = 1 can effectively help to reduce identity theft through XSS attacks. So I prefer solution 2. Perhaps this behavior should be configurable.

[m701]

Hi,
please forget it and delete the complete thread!

[donkeyslo]

This solved my problem, my question now is if it is ok to use this hack or not?