Ticket #9093 (closed defect: fixed)

Opened 2 years ago

Last modified 2 years ago

a href tags in verification notice

Reported by: willg@bluesock.org Assigned to: hasienda
Priority: normal Component: AccountManagerPlugin
Severity: normal Keywords: HTML escape
Cc: Trac Release: 0.11

Description

I'm using Trac 0.11.7 with AccountManagerPlugin r10594 with some fixes for issues detailed in #9091 and #9092. After a user registers, then logs in, he/she is greeted with a message to verify his/her email address.

The verification notification contains href html which I can't be more specific about because the anti-spam parts of this trac instance keep flagging it and ditching all the details I've written up forcing me to write up the bug again from scratch. Probably not your fault, but completely infuriating. Additionally c r e d i t s flags the system and that shows up in Python repl output.

Anyhow, the problem is around line 847 in web_ui.py in r10594.

Attachments

Change History

08/13/11 23:01:21 changed by willg@bluesock.org

Bah... I thought I was using Debian testing--but that's a different server. This server is Debian stable. Debian stable has Trac 0.11.7.

(in reply to: ↑ description ) 08/14/11 12:49:24 changed by hasienda

Replying to willg@bluesock.org:

The verification notification contains href html which I can't be more specific about because the anti-spam parts of this trac instance keep flagging it and ditching all the details I've written up [...]

How about attaching a small screenshot (PNG preferred) here? :-)

08/14/11 18:21:13 changed by willg@bluesock.org

It looks like it's probably fixed in r10596. I can't test now, but I'll try testing it later.

08/15/11 01:27:46 changed by hasienda

Ok, take your time.

I'll not rush for the next release before the frequency of new reports has declined a bit. Just a statement, no complaint, because feedback is good and bug reports even more, since they tend to improve the plugin.

08/15/11 01:35:22 changed by willg@bluesock.org

I managed to test it just now with r10598 and the problem is gone. So I'm all set with this issue, too. Thank you!

08/15/11 20:28:39 changed by hasienda

  • keywords set to HTML escape.

You're welcome. Thank you for testing.

So I'll leave it open only as a reminder to reference it, and close it as fixed with next release.

08/16/11 00:27:34 changed by hasienda

(In [10603]) AccountManagerPlugin: Play safe - expire left-over session cookies too, refs #9095.

This has been led by another observation of janakj, thank you very much. Added some code cleanup and seemingly missing code to restrict cookies. And denote another recently fixed issue in changelog too, refs #9093.

08/26/11 00:50:37 changed by hasienda

  • status changed from new to closed.
  • resolution set to fixed.

(In [10618]) AccountManagerPlugin: Publish maintenance release 0.3.2, closes #9051, #9082, #9088, #9091, #9092, #9093, #9095, #9099, #9107, #9108 and #9109.

This is an update for current stable at 0.3.1 with a number of fixes for issues reported within the last weeks.

While they will go into acct_mgr-0.4 too, current code isn't ready for release yet and will introduce a number of backwards-incompatible changes. So don't hurry for acct_mgr-0.4 right now.

Just noticed what I'd call a bug in signatures.py and removed unreasonable dependency on identical absolute path for successful check. Looks like nobody else tried this by now, right? Hey folks!

Add/Change #9093 (a href tags in verification notice)




Change Properties
Action