Mark Prins ( https://osgeo-org.atlassian.net/secure/ViewProfile.jspa?accountId=5d68e9f964bfb10c11a29d83 ) *created* an issue
GeoServer ( https://osgeo-org.atlassian.net/browse/GEOS?atlOrigin=eyJpIjoiMWM0NzI0ZmEwZDRjNDVmNzlmMjNiNzg0MTdlMDI5MGQiLCJwIjoiaiJ9 ) / Bug ( https://osgeo-org.atlassian.net/browse/GEOS-10468?atlOrigin=eyJpIjoiMWM0NzI0ZmEwZDRjNDVmNzlmMjNiNzg0MTdlMDI5MGQiLCJwIjoiaiJ9 ) GEOS-10468 ( https://osgeo-org.atlassian.net/browse/GEOS-10468?atlOrigin=eyJpIjoiMWM0NzI0ZmEwZDRjNDVmNzlmMjNiNzg0MTdlMDI5MGQiLCJwIjoiaiJ9 ) (virtually) Impossible to turn off "Enable All Statistics" in > Server status > System Status ( https://osgeo-org.atlassian.net/browse/GEOS-10468?atlOrigin=eyJpIjoiMWM0NzI0ZmEwZDRjNDVmNzlmMjNiNzg0MTdlMDI5MGQiLCJwIjoiaiJ9 ) Issue Type: Bug Affects Versions: 2.20.4 Assignee: Unassigned Attachments: image-20220419-112818.png Created: 19/Apr/22 2:09 PM Environment: This Geoserver is setup in Tomcat 9.0.62 with Temurin JRE 11 in a docker container with a Traefik container in front and has the ` GEOSERVER_CSRF_WHITELIST environment variable set to AAAAAAAA.tailormap.nl Priority: Medium Reporter: Mark Prins ( https://osgeo-org.atlassian.net/secure/ViewProfile.jspa?accountId=5d68e9f964bfb10c11a29d83 ) In https://osgeo-org.atlassian.net/browse/GEOS-10243 a checkbox was added to enable all statistics, however this option is basically impossible to deactivate once activated because the page is (still) refreshed every second using an ajax call. Related to this or maybe the cause of it is that un-checking the checkbox results in a POST that errors out in a 403 (but this could be a setup thing as well). I’m logged in as “admin” and no other users have been defined. curl 'https://AAAAAAAA.tailormap.nl/geoserver/web/wicket/bookmarkable/org.geoserver.web.admin.StatusPage?3-1.IBehaviorListener.0-tabs-panel-refreshed~values-statistics&filter=false' \ -X 'POST' \ -H 'authority: AAAAAAAA.tailormap.nl' \ -H 'accept: application/xml, text/xml, */*; q=0.01' \ -H 'accept-language: nl,en-GB;q=0.9,en;q=0.8,de;q=0.7' \ -H 'authorization: Basic YYYYYYYYYYYYYYYYYYYYYYYYYYYY' \ -H 'content-length: 0' \ -H 'cookie: remember-me=XXXXXXXXXXXXXXXX; JSESSIONID=WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW; XSRF-TOKEN=ZZZZZZZZZZZZZZZZ; redirect_to=%2Fgrafana' \ -H 'dnt: 1' \ -H 'origin: https://AAAAAAAA.tailormap.nl' \ -H 'referer: https://AAAAAAAA.tailormap.nl/geoserver/web/wicket/bookmarkable/org.geoserver.web.admin.StatusPage?3&filter=false' \ -H 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Google Chrome";v="100"' \ -H 'sec-ch-ua-mobile: ?0' \ -H 'sec-ch-ua-platform: "Linux"' \ -H 'sec-fetch-dest: empty' \ -H 'sec-fetch-mode: cors' \ -H 'sec-fetch-site: same-origin' \ -H 'user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.88 Safari/537.36' \ -H 'wicket-ajax: true' \ -H 'wicket-ajax-baseurl: wicket/bookmarkable/org.geoserver.web.admin.StatusPage?3&filter=false' \ -H 'wicket-focusedelementid: statistics' \ -H 'x-requested-with: XMLHttpRequest' \ --compressed (note that server url and all auth params/cookies have been changed in the above, but are identical to those of the GET request that successfully reloads the metrics panel. ( https://osgeo-org.atlassian.net/browse/GEOS-10468#add-comment?atlOrigin=eyJpIjoiMWM0NzI0ZmEwZDRjNDVmNzlmMjNiNzg0MTdlMDI5MGQiLCJwIjoiaiJ9 ) Add Comment ( https://osgeo-org.atlassian.net/browse/GEOS-10468#add-comment?atlOrigin=eyJpIjoiMWM0NzI0ZmEwZDRjNDVmNzlmMjNiNzg0MTdlMDI5MGQiLCJwIjoiaiJ9 ) Get Jira notifications on your phone! Download the Jira Cloud app for Android ( https://play.google.com/store/apps/details?id=com.atlassian.android.jira.core&referrer=utm_source%3DNotificationLink%26utm_medium%3DEmail ) or iOS ( https://itunes.apple.com/app/apple-store/id1006972087?pt=696495&ct=EmailNotificationLink&mt=8 ) This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100198- sha1:943baf4 )
_______________________________________________ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
