A browser can carry more than one quinn_sso_session (a stale host-only cookie shadowing the good Domain-scoped one), and the shadow can sort first. Add extractSessionCookies (all non-empty values) and make validateSession try each until one verifies, instead of only the first. Root cause of the my.transquinnftw.com login loop. |
||
|---|---|---|
| .. | ||
| backend-api | ||
| frontend-public | ||