Opened 15 years ago
Closed 15 years ago
#511 closed defect (fixed)
bitten slave sends wrong url as referrer when logging in
| Reported by: | Felix Schwarz <felix.schwarz@…> | Owned by: | osimons |
|---|---|---|---|
| Priority: | blocker | Milestone: | 0.6 |
| Component: | Build slave | Version: | dev |
| Keywords: | Cc: | ||
| Operating System: |
Attachments (1)
Change History (7)
Changed 15 years ago by Felix Schwarz <felix.schwarz@…>
comment:1 Changed 15 years ago by osimons
- Milestone changed from 0.6.1 to 0.6
- Version set to dev
Is it a problem? The whole idea was to redirect to a minimal page that takes no load to render and is really only intended for machine-to-machine communication (slave-master). That is also what the /builds url is seeing it is only protocol talk there. Does it matter that it returns a simple error? The idea was also to render a simple message - and not needing to make the full request processing, with chrome and template rendering that makes no sense for machine communication.
Also if we redirect anywhere outside our control, we cannot really be sure. Others may implement special permissions (using security policies, or request filters), or for instance my setup contains this in trac.ini:
[components] trac.about.* = disabled
... I got not 'About Trac' page in my projects.
Propose 'wontfix' unless I can be convinced that current code is actually a problem... Is it really a 'blocker' issue at your end?
comment:2 Changed 15 years ago by Felix Schwarz <felix.schwarz@…>
The problem for me was that no build started because of the 405 error message. I should have been more clear about this. In my environment the bitten slave only had 'BUILD_EXEC' permission (authenticated: TICKET_CREATE, TICKET_MODIFY, TICKET_VIEW, WIKI_CREATE, WIKI_MODIFY, WIKI_VIEW, no privileges for anonymous users).
To me the problem is quite obvious from the code:
comment:3 follow-up: ↓ 4 Changed 15 years ago by osimons
Got it now - it seems your master (Trac plugin) does not make the expected response. It should not raise a 405, it should just make a regular response (200) if master is also updated to same version running code like this:
if req.method != 'POST': self._send_response(req, body='Only POST allowed for build creation.')
So, the real problem here is actually that I forgot to increment my 'protocol version' counter that should ensure that master and slave speaks the same language... - or that slave outputs a useful error message if not:
-
bitten/__init__.py
19 19 pass 20 20 21 21 # The master-slave protocol/configuration version 22 PROTOCOL_VERSION = 222 PROTOCOL_VERSION = 3
If you want to try it, you can update the slave code and see that it outputs a useful error about version mismatch - it should, I hope :-)
comment:4 in reply to: ↑ 3 Changed 15 years ago by Felix Schwarz <felix.schwarz@…>
Good catch - sorry for that. My master runs 790 and I did not notice the revision number mismatch (which causes the subtle, but important difference between '_send_error()' and '_send_message()').
comment:5 Changed 15 years ago by osimons
- Owner set to osimons
I'll update the protocol version and improve the console logging to make the error message appear without needing verbose logging.
comment:6 Changed 15 years ago by osimons
- Resolution set to fixed
- Status changed from new to closed
Committed in [797]. Will merge to 0.6.x soon.
proposed patch which has the disadvantage that BUILD_VIEW privileges are needed. Maybe redirecting to /about is more sensible as this is always allowed(?).