lmAuth param sent to protected application
Concerned version
Version: 2.0.10
Summary
- Configure Choice Demo1=>Demo
- Set notifyOther=1
- Browse to http://test1.example.com
- Login, close browser, login again
- Info on your previous session is display, continue
- You end up on http://test1.example.com/?lmAuth=Demo1
Possible fixes
Fix forms so that the lmAuth hidden field is only included when SENDPARAMS=1