[Citadel Development] Re: Message security
On 18/01/11 16:10, dothebart wrote: because of the use of cookie based authentication you can't do that with one browser. I did do it. if you're able to reproduce this with two browsers (run a chrome and a firefox) and we have a problem. Since the client knows the room its in, messages from wrong rooms will be displayed. Even after you explicitly log out of one of the accounts? What does logout mean in such a case? Is the message requested in the context of the logged-out account, or the new logged in account? Either way seems wrong. Sam
[Citadel Development] Re: Message security
Even after you explicitly log out of one of the accounts? What does logout mean in such a case? Is the message requested in the context of the logged-out account, or the new logged in account? Try it again now; it *should* theoretically act like any other web site at this point. If you log out from one window, the session should be logged out and the other window should reflect that as well.
[Citadel Development] [SCM] citadel.org branch, master, updated. 91639d15ed87448ac2dfb6cba147b000d23b38de
Push to the project citadel.org : The branch, master has been updated via 91639d15ed87448ac2dfb6cba147b000d23b38de (commit) from d75b53ffd1f1e6cfbce340bae25710652617397c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log - http://code.citadel.org/cgit.cgi/git.citadel.org/commit/?id=91639d15ed87448ac2dfb6cba147b000d23b38de commit 91639d15ed87448ac2dfb6cba147b000d23b38de Author: Art Cancro a...@citadel.org Date: Wed Jan 19 11:32:02 2011 -0500 ajax_servcmd() logging now displays the g_cmd being attempted. This is in an attempt to debug the b0rken message delete in the mailbox view. Also fixed a format string compiler warning. --- Summary of changes: webcit/webcit.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) hooks/post-receive -- citadel.org
[Citadel Development] [SCM] citadel.org branch, master, updated. fb433069aa46d253afbb19dbd358c0d3c0636272
Push to the project citadel.org : The branch, master has been updated via fb433069aa46d253afbb19dbd358c0d3c0636272 (commit) from 91639d15ed87448ac2dfb6cba147b000d23b38de (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log - http://code.citadel.org/cgit.cgi/git.citadel.org/commit/?id=fb433069aa46d253afbb19dbd358c0d3c0636272 commit fb433069aa46d253afbb19dbd358c0d3c0636272 Author: Art Cancro a...@citadel.org Date: Wed Jan 19 15:03:49 2011 -0500 Prototype 1.7 seems to need ajax parameters wrapped with encodeURI() This fixes the broken mailbox view --- Summary of changes: webcit/static/instant_messenger.html |4 ++-- webcit/static/summaryview.js | 25 - webcit/static/wclib.js |5 +++-- webcit/webcit.c |2 +- 4 files changed, 22 insertions(+), 14 deletions(-) hooks/post-receive -- citadel.org
[Citadel Development] Re: [SCM] citadel.org branch, master, updated. fb433069aa46d253afbb19dbd358c0d3c0636272
That was kind of nasty. I thought that it was me who broke the ajax stuff, but it was actually the Prototype 1.7 upgrade. Everyone take note of this please, particularly when using ajax_servcmd. The parameters must be wrapped up inside EncodeURI() otherwise they will be truncated.
[Citadel Development] [SCM] citadel.org branch, master, updated. 840b05960b71dd1ebc828cfe31e1cb8802cddbe1
Push to the project citadel.org : The branch, master has been updated via 840b05960b71dd1ebc828cfe31e1cb8802cddbe1 (commit) from fb433069aa46d253afbb19dbd358c0d3c0636272 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log - http://code.citadel.org/cgit.cgi/git.citadel.org/commit/?id=840b05960b71dd1ebc828cfe31e1cb8802cddbe1 commit 840b05960b71dd1ebc828cfe31e1cb8802cddbe1 Author: Art Cancro a...@citadel.org Date: Wed Jan 19 22:37:30 2011 -0500 Disallow certain pages in robots.txt which would mislead crawlers. /printmsg /msgheaders /groupdav /do_template /static --- Summary of changes: webcit/static.c |6 +- 1 files changed, 5 insertions(+), 1 deletions(-) hooks/post-receive -- citadel.org
[Citadel Development] [SCM] citadel.org branch, master, updated. 27cd9536f58c8f61c08c08160c52847d5ddd6cc9
Push to the project citadel.org : The branch, master has been updated via 27cd9536f58c8f61c08c08160c52847d5ddd6cc9 (commit) from 840b05960b71dd1ebc828cfe31e1cb8802cddbe1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log - http://code.citadel.org/cgit.cgi/git.citadel.org/commit/?id=27cd9536f58c8f61c08c08160c52847d5ddd6cc9 commit 27cd9536f58c8f61c08c08160c52847d5ddd6cc9 Author: Art Cancro a...@citadel.org Date: Wed Jan 19 23:04:56 2011 -0500 'Read all messages' button does not belong in the mailbox view. Remove it. --- Summary of changes: webcit/static/t/navbar.html |8 +--- 1 files changed, 1 insertions(+), 7 deletions(-) hooks/post-receive -- citadel.org
[Citadel Development] [SCM] citadel.org branch, master, updated. 9b1d7e375c0983b182f9f068fb983a5715289ecc
Push to the project citadel.org : The branch, master has been updated via 9b1d7e375c0983b182f9f068fb983a5715289ecc (commit) from 27cd9536f58c8f61c08c08160c52847d5ddd6cc9 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log - http://code.citadel.org/cgit.cgi/git.citadel.org/commit/?id=9b1d7e375c0983b182f9f068fb983a5715289ecc commit 9b1d7e375c0983b182f9f068fb983a5715289ecc Author: Art Cancro a...@citadel.org Date: Wed Jan 19 23:10:54 2011 -0500 The 'Delete' button in mailbox view went missing at some point; replaced it. --- Summary of changes: webcit/static/t/navbar.html |6 ++ 1 files changed, 6 insertions(+), 0 deletions(-) hooks/post-receive -- citadel.org
[Citadel Development] Re: [SCM] citadel.org branch, master, updated. fb433069aa46d253afbb19dbd358c0d3c0636272
Mi Jan 19 2011 15:41:08 EST von IGnatius T Foobar @ Uncensored Betreff: Re: [SCM] citadel.org branch, master, updated. fb433069aa46d253afbb19dbd358c0d3c0636272 That was kind of nasty. I thought that it was me who broke the ajax stuff, but it was actually the Prototype 17 upgrade. Everyone take note of this please, particularly when using ajax_servcmd. The parameters must be wrapped up inside EncodeURI() otherwise they will be truncated. does the chat window have similar problems? We had it sending requests without a directory component in some cases...