Roundup Tracker - Issues

Message6355

Author rouilj
Recipients ThomasAH, ced, rouilj, schlatterbeck
Date 2019-02-19.00:39:42
Message-id <1550536782.56.0.745966646004.issue2551023@roundup.psfhosted.org>
In-reply-to 
Hi Cédric:

I applied the patch to my test instance and ran the unit tests
without any failures. I will try testing using straight CGI to
verify that it works there. Also I'll test with my
roundup-server instance.

I assume this has fixed your issue with wsgi and the CSRF code is now
working ok?

Where should this patch be applied? If I understand you correctly
this breaks CSRF behind a proxy (as X-FORWARDED-HOST is not mapped
correctly). It also breaks xmlrpc (but not REST yet) when
the X-REQUESTED-WITH header is required.

It certainly needs to be applied to the tip, but maybe we also need
to create a branch from 1.6.0 and somebody can release a 1.6.1?

So what do you think?

-- rouilj
History
Date User Action Args
2019-02-19 00:39:42rouiljsetmessageid: <1550536782.56.0.745966646004.issue2551023@roundup.psfhosted.org>
2019-02-19 00:39:42rouiljsetrecipients: + rouilj, schlatterbeck, ThomasAH, ced
2019-02-19 00:39:42rouiljlinkissue2551023 messages
2019-02-19 00:39:42rouiljcreate

Supported by The Python Software Foundation,
Powered by Roundup

Last modified: Fri Feb 28 22:02:04 EST 2020