Re: [gitorious] relative_url_path question

2011-09-13 Thread Tomoya KABE 
I managed to make a patch that fixes my problem without using any separate 
virtualhost by referring to 
http://gitorious.org/gitorious/base_uri-fixes/commit/6eedbe7021a212616b15ffb2df606357ccb410c7
 
.
The patch in the link does not work directly so I picked the patch 
partially, modified to match the current implementation.
Here I post the patch for me below. It needed modifying controller codes.
I'll be happy if the patch is useful for future updates.

Thank you for reply.

diff -cr gitorious.orig/app/controllers/sessions_controller.rb 
gitorious/app/controllers/sessions_controller.rb
*** gitorious.orig/app/controllers/sessions_controller.rb   2011-09-14 
11:11:33.166028086 +0900
--- gitorious/app/controllers/sessions_controller.rb2011-09-14 
11:17:01.057529862 +0900
***
*** 49,55 
  clear_varnish_auth_cookie
  reset_session
  flash[:notice] = "You have been logged out."
! redirect_back_or_default('/')
end

protected
--- 49,55 
  clear_varnish_auth_cookie
  reset_session
  flash[:notice] = "You have been logged out."
! redirect_back_or_default("#{relative_url_root}/")
end

protected
***
*** 121,127 
  :secure => true
}
  end
! check_state_and_redirect('/')
end

def check_state_and_redirect(redirection_url)
--- 121,127 
  :secure => true
}
  end
! check_state_and_redirect("#{relative_url_root}/")
end

def check_state_and_redirect(redirection_url)
diff -cr gitorious.orig/app/controllers/users_controller.rb 
gitorious/app/controllers/users_controller.rb
*** gitorious.orig/app/controllers/users_controller.rb  2011-09-14 
11:11:33.166028086 +0900
--- gitorious/app/controllers/users_controller.rb   2011-09-14 
11:21:02.129540978 +0900
***
*** 109,115 
  else
flash[:error] = I18n.t "users_controller.activate_error"
  end
! redirect_back_or_default('/')
end

def forgot_password
--- 109,115 
  else
flash[:error] = I18n.t "users_controller.activate_error"
  end
! redirect_back_or_default("#{relative_url_root}/")
end

def forgot_password

-- 
To post to this group, send email to gitorious@googlegroups.com
To unsubscribe from this group, send email to
gitorious+unsubscr...@googlegroups.com

Re: [gitorious] OpenID integration tests for Gitorious

2011-09-13 Thread Rodrigo Rosenfeld Rosas 

Em 13-09-2011 08:56, Marius Mårnes Mathiesen escreveu:
On Mon, Sep 12, 2011 at 2:39 PM, Rodrigo Rosenfeld Rosas 
mailto:rr.ro...@gmail.com>> wrote:


Em 12-09-2011 09:15, Marius Mårnes Mathiesen escreveu:

Rodrigo,
Would you mind submitting a merge request for this?

https://gitorious.org/gitorious/mainline/merge_requests/165


Thanks! But this seems like the full migration to Devise - didn't we 
discuss just refactoring the testing parts first? Pasting from earlier 
on in this thread:


Sorry, I didn't understand that before. Here it is:

https://gitorious.org/gitorious/mainline/merge_requests/166



If this integration test is accepted in mainline, I can then start
to work on my Devise branch again and try to make this test to
pass instead of that other functional one that is very specific to
the current solution.



(been home sick, not ignoring anyone)


Hope you are better


Thanks, a lot better now. The Norwegian fall can be brutal :-)


I can imagine :)

Best,

Rodrigo.

--
To post to this group, send email to gitorious@googlegroups.com
To unsubscribe from this group, send email to
gitorious+unsubscr...@googlegroups.com

Re: [gitorious] OpenID integration tests for Gitorious

2011-09-13 Thread Marius Mårnes Mathiesen 
On Mon, Sep 12, 2011 at 2:39 PM, Rodrigo Rosenfeld Rosas  wrote:

> Em 12-09-2011 09:15, Marius Mårnes Mathiesen escreveu:
>
>  Rodrigo,
>> Would you mind submitting a merge request for this?
>>
>>  
>> https://gitorious.org/**gitorious/mainline/merge_**requests/165


Thanks! But this seems like the full migration to Devise - didn't we discuss
just refactoring the testing parts first? Pasting from earlier on in this
thread:

If this integration test is accepted in mainline, I can then start to work
> on my Devise branch again and try to make this test to pass instead of that
> other functional one that is very specific to the current solution.
>


>  (been home sick, not ignoring anyone)
>>
>
> Hope you are better
>

Thanks, a lot better now. The Norwegian fall can be brutal :-)

- Marius

-- 
To post to this group, send email to gitorious@googlegroups.com
To unsubscribe from this group, send email to
gitorious+unsubscr...@googlegroups.com

Re: [gitorious] XSS vuln.

2011-09-13 Thread Marius Mårnes Mathiesen 
On Mon, Sep 12, 2011 at 4:20 PM, Rodrigo Rosenfeld Rosas  wrote:

> **
> Em 12-09-2011 09:29, Marius Mårnes Mathiesen escreveu:
>
> On Sat, Sep 17, 2011 at 6:24 PM, Yousha Aleayoub wrote:
>
>> Hi,
>> Checkout & commit to fix it ;)
>>
>>
>> https://gitorious.org/~admin?page=999%3Chr/%3EDont%20Hacking%20Attempt!%20%3CBODY%20onload=%22javascript:alert('100%20times%20HELLO%20:D')%22%3E%3Cnoscript%3E
>>
>>
>  Yousha,
> Thanks for reporting this, we pushed a fix earlier today. I'd really prefer
> it if you keep sending these to the support email, so we have time to
> resolve such issues before our users are exposed - this is a public mailing
> list. Apart from that: keep'em coming!
>
>
> Shouldn't a new patch version (v2.0.2) be released?
>

Absolutely - thanks a lot!

Cheers,
- Marius

-- 
To post to this group, send email to gitorious@googlegroups.com
To unsubscribe from this group, send email to
gitorious+unsubscr...@googlegroups.com