Your message dated Thu, 22 Mar 2012 22:01:03 +0000
with message-id <20120322220103.GE16316@desktop>
and subject line web interface uses hardwired base URL
has caused the Debian Bug report #640901,
regarding cups: web interface uses hardwired base URL
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
640901: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640901
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: cups
Version: 1.4.4-7
Severity: normal
Tags: upstream
CUPS is installed on host 'foo'.
My desktop is 'bar'.
I don't want passwords travel on network in plaintext so
I start an ssh tunnel from bar to foo's IPP port:
bar$ ssh -L 9631:localhost:631 foo
Then I enter "http://localhost:9631"; in my browser.
Cookies and JavaScript is temporary allowed for this "host".
Browser stores session cookie.
Everythink seems to be okay but links related jobs
point to "http://foo:631/blahblahblah"; instead of
"http://localhost:9631/blahblahblah";.
Click "Show All Jobs" button of some printers and check page source.
You can see that job ID-s have absolute URL behind while
any other links use relative URLs as well as form actions.
So following job links all my security settings get broken.
Gabor
-- System Information:
Debian Release: 6.0.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Versions of packages cups depends on:
ii adduser 3.112+nmu2 add and remove users and groups
ii bc 1.06.95-2 The GNU bc arbitrary precision cal
ii cups-client 1.4.4-7 Common UNIX Printing System(tm) -
ii cups-common 1.4.4-7 Common UNIX Printing System(tm) -
ii cups-ppdc 1.4.4-7 Common UNIX Printing System(tm) -
ii debconf [debconf-2. 1.5.36.1 Debian configuration management sy
ii ghostscript 8.71~dfsg2-9 The GPL Ghostscript PostScript/PDF
ii libavahi-client3 0.6.27-2+squeeze1 Avahi client library
ii libavahi-common3 0.6.27-2+squeeze1 Avahi common library
ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib
ii libcups2 1.4.4-7 Common UNIX Printing System(tm) -
ii libcupscgi1 1.4.4-7 Common UNIX Printing System(tm) -
ii libcupsdriver1 1.4.4-7 Common UNIX Printing System(tm) -
ii libcupsimage2 1.4.4-7 Common UNIX Printing System(tm) -
ii libcupsmime1 1.4.4-7 Common UNIX Printing System(tm) -
ii libcupsppdc1 1.4.4-7 Common UNIX Printing System(tm) -
ii libdbus-1-3 1.2.24-4+squeeze1 simple interprocess messaging syst
ii libgcc1 1:4.4.5-8 GCC support library
ii libgnutls26 2.8.6-1 the GNU TLS library - runtime libr
ii libgssapi-krb5-2 1.8.3+dfsg-4squeeze1 MIT Kerberos runtime libraries - k
ii libijs-0.35 0.35-7 IJS raster image transport protoco
ii libkrb5-3 1.8.3+dfsg-4squeeze1 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.23-7.2 OpenLDAP libraries
ii libpam0g 1.1.1-6.1 Pluggable Authentication Modules l
ii libpaper1 1.1.24 library for handling paper charact
ii libpoppler5 0.12.4-1.2 PDF rendering library
ii libslp1 1.2.1-7.8 OpenSLP libraries
ii libstdc++6 4.4.5-8 The GNU Standard C++ Library v3
ii libusb-0.1-4 2:0.1.12-16 userspace USB programming library
ii lsb-base 3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip
ii poppler-utils 0.12.4-1.2 PDF utilitites (based on libpopple
ii procps 1:3.2.8-9 /proc file system utilities
ii ssl-cert 1.0.28 simple debconf wrapper for OpenSSL
ii ttf-freefont 20090104-7 Freefont Serif, Sans and Mono True
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
Versions of packages cups recommends:
ii cups-driver-gutenprint 5.2.6-1 printer drivers for CUPS
ii foomatic-filters 4.0.5-6 OpenPrinting printer support - fil
ii ghostscript-cups 8.71~dfsg2-9 The GPL Ghostscript PostScript/PDF
Versions of packages cups suggests:
ii cups-bsd 1.4.4-7 Common UNIX Printing System(tm) -
pn cups-pdf <none> (no description available)
ii foomatic-db 20100630-1 OpenPrinting printer support - dat
ii hplip 3.10.6-2 HP Linux Printing and Imaging Syst
ii smbclient 2:3.5.6~dfsg-3squeeze5 command-line SMB/CIFS clients for
ii udev 164-3 /dev/ and hotplug management daemo
pn xpdf-korean | xpd <none> (no description available)
-- Configuration Files:
/etc/cups/cupsd.conf changed [not included]
-- debconf information excluded
--- End Message ---
--- Begin Message ---
tags 640901 + wontfix
thanks
Unsupported. Please see
http://www.cups.org/str.php?L3912
--- End Message ---
