#1130: logging crashes when URL contains unicode symbols and user is logged in
(mod_python system)
------------------------+---------------------------------------------------
Reporter: dado1945 | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: __unclassified__
Component: TurboGears | Version: 1.0.8
Severity: minor | Resolution:
Keywords: |
------------------------+---------------------------------------------------
Comment (by kikidonk):
(sorry about formatting, resubmitting)
I stumbled across a similar error running 1.0.8.
I suspect the whole turbogears identity framework uses an implicit
assumption that identity.user_name will always be byte encoded because by
default the table uses a String column type. In my case I needed to
support unicode user_names, using a UnicodeText? column type.
If one does that there are several lines of code that will break
generating 500 errors which i consider a pretty critical bug.
*
http://trac.turbogears.org/turbogears/browser/tags/1.0b1/turbogears/controllers.py#L439
as mentioned above, the logging will crash the system if the username is
unicode outside ascii range
*
http://trac.turbogears.org/browser/tags/1.0b1/turbogears/identity/saprovider.py#L49
the identity.user_name is directly bound to the result of the sql-mapped
.user_name attribute (which will be a unicode string if type is Unicode,
or a byte string if type is String)
*
http://trac.turbogears.org/browser/tags/1.0b1/turbogears/identity/saprovider.py#L161
the username is again used as argument in a log statement that will fail
to encode it if outside ascii
*
http://trac.turbogears.org/browser/tags/1.0b1/turbogears/identity/visitor.py#L116
username is retreived from the HTTP Authorization header which will
probably be byte-encoded, then passed to validate_identity without
decoding to unicode
*
http://trac.turbogears.org/browser/tags/1.0b1/turbogears/identity/visitor.py#L136
depending on whether cherrypy.request.params is unicode or not (i'm not
sure) the user_name will be either unicode or not, and again passed as is
to validate_identity
Now i'm a bit confused if this is a bug, or a known-limitation of
user_name column's type in the identity system.
If it is a limitation, I suppose I have to manually encode the username to
some encoding just before inserting into the DB in a String type column?
--
Ticket URL: <http://trac.turbogears.org/ticket/1130#comment:10>
TurboGears <http://www.turbogears.org/>
TurboGears front-to-back web development
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google
Groups "TurboGears Tickets" group.
This group is read-only. No posting by normal members allowed.
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/turbogears-tickets?hl=en?hl=en
-~----------~----~----~----~------~----~------~--~---
