You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ofbiz.apache.org by GitBox <gi...@apache.org> on 2020/10/26 13:20:13 UTC

[GitHub] [ofbiz-framework] ingo-koenemann opened a new pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

ingo-koenemann opened a new pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236


   Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)
   
   Added removal of the _PREVIOUS_REQUEST_ attribute when requesting non-authenticated sites and moved targetRequestUri handling to a accommodate this change


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [ofbiz-framework] sonarcloud[bot] commented on pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236#issuecomment-716543909


   Kudos, SonarCloud Quality Gate passed!
   
   [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug.png' alt='Bug' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework&pullRequest=236&resolved=false&types=BUG) [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A.png' alt='A' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework&pullRequest=236&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework&pullRequest=236&resolved=false&types=BUG)  
   [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability.png' alt='Vulnerability' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework&pullRequest=236&resolved=false&types=VULNERABILITY) [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A.png' alt='A' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework&pullRequest=236&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework&pullRequest=236&resolved=false&types=VULNERABILITY) (and [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot.png' alt='Security Hotspot' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework&pullRequest=236&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/issue
 s?id=apache_ofbiz-framework&pullRequest=236&resolved=false&types=SECURITY_HOTSPOT) to review)  
   [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell.png' alt='Code Smell' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework&pullRequest=236&resolved=false&types=CODE_SMELL) [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A.png' alt='A' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework&pullRequest=236&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework&pullRequest=236&resolved=false&types=CODE_SMELL)
   
   [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo.png' alt='No Coverage information' width='16' height='16' />](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework&pullRequest=236) No Coverage information  
   [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/NoDuplicationInfo.png' alt='No Duplication information' width='16' height='16' />](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework&pullRequest=236&metric=duplicated_lines_density&view=list) No Duplication information
   
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [ofbiz-framework] mbrohl closed pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

Posted by GitBox <gi...@apache.org>.
mbrohl closed pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [ofbiz-framework] mbrohl commented on pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

Posted by GitBox <gi...@apache.org>.
mbrohl commented on pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236#issuecomment-766975361


   Looks good to me and is known to work in custom projects.
   Any objections to get this into the codebase?


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [ofbiz-framework] ingo-koenemann commented on pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

Posted by GitBox <gi...@apache.org>.
ingo-koenemann commented on pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236#issuecomment-768096271


   Hi Jacques,
   
   I tried to explain the reasons in the corresponding JIRA issue but found the problem I mentioned (navigation problems while navigating the site without a login and then logging in) does not exist on the demo front end due to the implementation of the login.
   
   It is possible to implement a login button using the current methods that automatically sends the user to the previously viewed page (which we have done in custom projects). Without the commit provided the last visited page will not be cleared on appropriate navigation, resulting in a mismatch between where the user currently is on the site and the site saved as the last visited. This results in said login leading to the (falsely identified) last visited site (which required authorization) instead of the current site (if it does not require authorization).
   
   For example:
   1. Navigate to a profile page requiring authorization.
   2. Navigate to an FAQ site which does not require authorization.
   3. The login button should now lead, upon authorization) back to the FAQ site. Instead the browser is send to the profile page since it was the last saved request requiring authorization.
   
   I hope this explanation clears up the issue.
   
   Best regards,
   Ingo


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [ofbiz-framework] mbrohl commented on pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

Posted by GitBox <gi...@apache.org>.
mbrohl commented on pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236#issuecomment-772412726


   Closed for #262 


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [ofbiz-framework] mbrohl commented on pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

Posted by GitBox <gi...@apache.org>.
mbrohl commented on pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236#issuecomment-766975361


   Looks good to me and is known to work in custom projects.
   Any objections to get this into the codebase?


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [ofbiz-framework] JacquesLeRoux commented on pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

Posted by GitBox <gi...@apache.org>.
JacquesLeRoux commented on pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236#issuecomment-766984055


   Hi Michael,
   
   It would be good to have an explanation of the reason of this change


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [ofbiz-framework] JacquesLeRoux commented on pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

Posted by GitBox <gi...@apache.org>.
JacquesLeRoux commented on pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236#issuecomment-768233622


   Thanks Ingo,
   
   I should have a 2nd look at OFBIZ-12047 (I did when you created it) before asking, but this explanation is more convincing :)


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [ofbiz-framework] JacquesLeRoux commented on pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

Posted by GitBox <gi...@apache.org>.
JacquesLeRoux commented on pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236#issuecomment-766984055


   Hi Michael,
   
   It would be good to have an explanation of the reason of this change


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [ofbiz-framework] ingo-koenemann commented on pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

Posted by GitBox <gi...@apache.org>.
ingo-koenemann commented on pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236#issuecomment-772328485


   Ich created a new PR #262.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [ofbiz-framework] mbrohl commented on pull request #236: Improved: Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages (OFBIZ-12047)

Posted by GitBox <gi...@apache.org>.
mbrohl commented on pull request #236:
URL: https://github.com/apache/ofbiz-framework/pull/236#issuecomment-770928894


   @ingo-koenemann please provide a new PR with modified commit message "Fixed: ..." because we have classified this as a bug now. Thank you!


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org