Modify

Opened 13 years ago

Closed 13 years ago

#9093 closed defect (fixed)

a href tags in verification notice

Reported by: willg@… Owned by: Steffen Hoffmann
Priority: normal Component: AccountManagerPlugin
Severity: normal Keywords: HTML escape
Cc: Trac Release: 0.11

Description

I'm using Trac 0.11.7 with AccountManagerPlugin r10594 with some fixes for issues detailed in #9091 and #9092. After a user registers, then logs in, he/she is greeted with a message to verify his/her email address.

The verification notification contains href html which I can't be more specific about because the anti-spam parts of this trac instance keep flagging it and ditching all the details I've written up forcing me to write up the bug again from scratch. Probably not your fault, but completely infuriating. Additionally c r e d i t s flags the system and that shows up in Python repl output.

Anyhow, the problem is around line 847 in web_ui.py in r10594.

Attachments (0)

Change History (8)

comment:1 Changed 13 years ago by willg@…

Bah... I thought I was using Debian testing--but that's a different server. This server is Debian stable. Debian stable has Trac 0.11.7.

comment:2 in reply to:  description Changed 13 years ago by Steffen Hoffmann

Replying to willg@bluesock.org:

The verification notification contains href html which I can't be more specific about because the anti-spam parts of this trac instance keep flagging it and ditching all the details I've written up ![...]

How about attaching a small screenshot (PNG preferred) here? :-)

comment:3 Changed 13 years ago by willg@…

It looks like it's probably fixed in r10596. I can't test now, but I'll try testing it later.

comment:4 Changed 13 years ago by Steffen Hoffmann

Ok, take your time.

I'll not rush for the next release before the frequency of new reports has declined a bit. Just a statement, no complaint, because feedback is good and bug reports even more, since they tend to improve the plugin.

comment:5 Changed 13 years ago by willg@…

I managed to test it just now with r10598 and the problem is gone. So I'm all set with this issue, too. Thank you!

comment:6 Changed 13 years ago by Steffen Hoffmann

Keywords: HTML escape added

You're welcome. Thank you for testing.

So I'll leave it open only as a reminder to reference it, and close it as fixed with next release.

comment:7 Changed 13 years ago by Steffen Hoffmann

(In [10603]) AccountManagerPlugin: Play safe - expire left-over session cookies too, refs #9095.

This has been led by another observation of janakj, thank you very much. Added some code cleanup and seemingly missing code to restrict cookies. And denote another recently fixed issue in changelog too, refs #9093.

comment:8 Changed 13 years ago by Steffen Hoffmann

Resolution: fixed
Status: newclosed

(In [10618]) AccountManagerPlugin: Publish maintenance release 0.3.2, closes #9051, #9082, #9088, #9091, #9092, #9093, #9095, #9099, #9107, #9108 and #9109.

This is an update for current stable at 0.3.1 with a number of fixes for issues reported within the last weeks.

While they will go into acct_mgr-0.4 too, current code isn't ready for release yet and will introduce a number of backwards-incompatible changes. So don't hurry for acct_mgr-0.4 right now.

Just noticed what I'd call a bug in signatures.py and removed unreasonable dependency on identical absolute path for successful check. Looks like nobody else tried this by now, right? Hey folks!

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Steffen Hoffmann.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.