Hi all, I'm working on upgrading our Trac hosting setup from 0.10 to 0.10.1, and have managed to work through most issues now - thanks for fixing #3996 especially.
However, just found a new issue with the XML-RPC plugin not working anymore - it now gives off a 500 Internal Server Error for all requests. I tested it on 0.10 ten seconds before upgrade, and same lines after upgrade gives error. My initial thought is with the new security fix that traps POST forms going out, and all POST request coming in requiring a token. I quickly scanned xmlrpclib.py, and see that they also use POST to send requests. I also had another issue with our custom 'AJAX' navigation that posts through an XmlHttpRequest to populate a list of projects where a user has access. That I managed to get around by changing to GET as I wasn't actually posting any paramters. I am stuck for how to implement new such features that require POST without access to a token from the client side, or even from template HDF - it will likely be an ugly hack... I think there has to be some adjustments to the "trap all" behavior of the current fix. My initial thought was to add a trac.ini setting for listing excluded paths. This will work fine for XML-PRC (/xmlrpc, /login/xmlrpc) and my needs at least as they are pure "API" interfaces found on their own paths. Any thoughts on this? :::simon www.coderesort.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Trac Development" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/trac-dev?hl=en -~----------~----~----~----~------~----~------~--~---
