[opensuse-buildservice] Redirect fix for build monitor (PATCH)
Hello, the trigger build redirects to wrong page, when called from monitor page. I added a correct redirect in attached patch. Ciao -- http://www.dstoecker.eu/ (PGP key available)
Hi Dirk,
the trigger build redirects to wrong page, when called from monitor page. I added a correct redirect in attached patch.
I applied your patch (SVN rev. 1220) after a little correction: the if-statement had erroneously a = intead of a == for comparing values. Thank you very much for your patch! -- David Mayr, http://davey.de openSUSE LINUX, http://opensuse.de --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Hmm,
the trigger build redirects to wrong page, when called from monitor page. I added a correct redirect in attached patch.
I applied your patch (SVN rev. 1220) after a little correction: the if-statement had erroneously a = intead of a == for comparing values.
I thought it must be that way, got an error before with ==. Sorry, I'm still learning ruby :-) Ciao -- http://www.dstoecker.eu/ (PGP key available) --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Hi Dirk,
I applied your patch (SVN rev. 1220) after a little correction: the if-statement had erroneously a = intead of a == for comparing values.
I thought it must be that way, got an error before with ==.
hmmmm, I'm a bit confused. There must have been something else wrong. If you use = in an if-statement, it should always be true except the assigned value is 'nil' or 'false'.
Sorry, I'm still learning ruby :-)
Nothing to be sorry about. Your help is much appreciated! -- David Mayr, http://davey.de openSUSE LINUX, http://opensuse.de --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
On Tue, 13 Feb 2007, David Mayr wrote:
hmmmm, I'm a bit confused. There must have been something else wrong.
Probably.
Sorry, I'm still learning ruby :-)
Nothing to be sorry about. Your help is much appreciated!
BTW: The external access still does not work. I'm running my system with the patch from Rafal. Will this be fixed soon? Adding a comment to development.rb about the correct settings for api.opensuse.org access from outside would be a good idea as well. Ciao -- http://www.dstoecker.eu/ (PGP key available) --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
On 2007-02-13 09:18:23 +0100, Dirk Stoecker wrote:
the trigger build redirects to wrong page, when called from monitor page. I added a correct redirect in attached patch.
personally i would rather use the referrer with an default redirect target if there is no referrer. what do you think? darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
On Tue, 13 Feb 2007, Marcus Rueckert wrote:
On 2007-02-13 09:18:23 +0100, Dirk Stoecker wrote:
the trigger build redirects to wrong page, when called from monitor page. I added a correct redirect in attached patch.
personally i would rather use the referrer with an default redirect target if there is no referrer.
what do you think?
Hmm. That can make lots of security trouble I think. Also what do you do, when the previous page was dynamic and reloading is not one of the best ideas. Ciao -- http://www.dstoecker.eu/ (PGP key available) --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
On 2007-02-13 14:02:57 +0100, Dirk Stoecker wrote:
Hmm. That can make lots of security trouble I think.
why? what kind of scenarios do you have in mind?
Also what do you do, when the previous page was dynamic and reloading is not one of the best ideas.
what kind of scenarios do you have in mind? i think the same could happen with your explicit jump targets aswell. no? darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
On Tue, 13 Feb 2007, Marcus Rueckert wrote:
On 2007-02-13 14:02:57 +0100, Dirk Stoecker wrote:
Hmm. That can make lots of security trouble I think.
why? what kind of scenarios do you have in mind?
Nothing special. But cross-site scripting would be probably possible when using referers. I tend to be a bit paranoid when thinking about web applications. To many things can happen when not carefully designed.
Also what do you do, when the previous page was dynamic and reloading is not one of the best ideas.
what kind of scenarios do you have in mind? i think the same could happen with your explicit jump targets aswell. no?
No. The explicit jump target is no real target, but a symolic "hint". The place, where redirect happens must know the target or it is ignored. So to get trouble with dynamic pages you need to program the trouble first :-) Ciao -- http://www.dstoecker.eu/ (PGP key available) --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
participants (3)
-
David Mayr -
Dirk Stoecker -
Marcus Rueckert