Hi Christian, Interesting, okay,
I'm seeing the issue across the board everywhere an avatar is expected, the dashboard, infoboxes, and the user page itself. Instead of the expected gravatar avatar I see the default white silhouette on a grey circular background. Previous examples non-redacted (I didn't really need to). v2.5.17 - working for all ldap users <img src=" https://secure.gravatar.com/avatar/483f151626d3ac0ec8a1c5d443dc57ee?s=24&d=mm <https://secure.gravatar.com/avatar/330e7f60f1888b8f6exxxx?s=24&d=mm>" width="24" height="24" alt="peter.hodgson" class="gravatar"> v3.0.1 - not working for *most *ldap users <img src=" https://secure.gravatar.com/avatar/483f151626d3ac0ec8a1c5d443dc57ee?s=24&d=mm <https://secure.gravatar.com/avatar/483f151626d3acxxxx?s=24&d=mm>" alt="Peter Hodgson" width="24" height="24" srcset=" https://secure.gravatar.com/avatar/483f151626d3ac0ec8a1c5d443dc57ee?s=24&d=mm <https://secure.gravatar.com/avatar/483f151626d3axxxx?s=24&d=mm> 1x, https://secure.gravatar.com/avatar/483f151626d3ac0ec8a1c5d443dc57ee?s=72&d=mm <https://secure.gravatar.com/avatar/483f151626d3axxxx?s=72&d=mm> 3x, https://secure.gravatar.com/avatar/483f151626d3ac0ec8a1c5d443dc57ee?s=48&d=mm <https://secure.gravatar.com/avatar/483f151626d3axxxx?s=48&d=mm> 2x" class="avatar"> Looking directly at user emails shows up something interesting. I have discovered one ldap user who still has a working gravatar in 3.0.1, his username and email do not consist of Firstname.Lastname and is a lower case abbreviation. Looking at the difference between my user (non working gravatar) and the admin user with my email address (working gravatar) the difference in email address is that the admin one is all lowercase rather than capitalised first letters. None of these email addresses have been changed across versions but it seems none with an upper case letter still work. Case sensitive hashing now perhaps? Seems unlikely. Thanks again, Peter On Thursday, 14 December 2017 20:20:42 UTC, Christian Hammond wrote: > > Hi Peter, > > The LDAP code hasn't changed between the releases. When logging in via > LDAP for the first time, a local User entry is created with details coming > from LDAP, but those details aren't re-queried from LDAP later, so a user > that existed in 2.5.17 should have the same details as one in 3.0.1. > > The difference in alt text is just the new template factoring in full > names. I checked the logic for building the hashes, and they seem to be the > same. Can you verify the stored e-mail addresses for those users on both > versions? > > Where are you seeing the bad Gravatars? What shows up in their place? > > Christian > > On Thu, Dec 14, 2017 at 4:04 AM, Peter Hodgson <[email protected] > <javascript:>> wrote: > >> Sorry to be so noisy Christian, I'm now seeing problems with gravatar >> sourced images. The switch to v3x has moved to use a srcset which makes >> sense but the actual links being used have changed. >> >> At a wild guess it looks like it's related to ldap use, possibly >> different fields being used to generate the gravatar link? >> >> v2.5.17 - working for ldap users >> <img src=" >> https://secure.gravatar.com/avatar/330e7f60f1888b8f6exxxx?s=24&d=mm"; >> width="24" height="24" alt="peter.hodgson" class="gravatar"> >> >> v3.0.1 - not working for ldap users >> <img src=" >> https://secure.gravatar.com/avatar/483f151626d3acxxxx?s=24&d=mm"; >> alt="Peter Hodgson" width="24" height="24" srcset=" >> https://secure.gravatar.com/avatar/483f151626d3axxxx?s=24&d=mm 1x, >> https://secure.gravatar.com/avatar/483f151626d3axxxx?s=72&d=mm 3x, >> https://secure.gravatar.com/avatar/483f151626d3axxxx?s=48&d=mm 2x" >> class="avatar"> >> >> however the non-ldap admin user which has my email address is still >> working in v3.0.1 >> <img src=" >> https://secure.gravatar.com/avatar/330e7f60f1888b8f6exxxx?s=24&d=mm"; >> alt="admin" width="24" height="24" srcset=" >> https://secure.gravatar.com/avatar/330e7f60f1888b8f6exxxx?s=24&d=mm >> 1x, >> https://secure.gravatar.com/avatar/330e7f60f1888b8f6exxxx?s=72&d=mm >> 3x, >> https://secure.gravatar.com/avatar/330e7f60f1888b8f6exxxx?s=48&d=mm >> 2x" class="avatar"> >> >> I wonder if the alt text changing for the normal users is indicative of >> this change of source fields for the link generation. It's worth noting >> that I haven't changed any ldap settings between the two versions. >> >> Thanks, >> Peter >> >> >> On Wednesday, 13 December 2017 12:57:00 UTC, Peter Hodgson wrote: >>> >>> That makes perfect sense. The reason I'd wanted to set it at install >>> time is I've been extending a dockerised version, but, as you point out the >>> domain method is part of the site_config table so gets migrated with the >>> rest of the data. This'll work perfectly. >>> >>> I'm happy, >>> >>> Thanks again, >>> Peter >>> >>> On Wednesday, 13 December 2017 00:53:57 UTC, Christian Hammond wrote: >>>> >>>> Glad it worked! >>>> >>>> There's no way to set this during install today, but it's something we >>>> should add. You can set it automatically using the set-siteconfig >>>> management command: >>>> >>>> rb-site manage /path/to/sitedir set-siteconfig -- >>>> --key=site_domain_method --value=https >>>> >>>> Hopefully you aren't needing to create site directories often. If >>>> you're scaling out or moving servers, you want to copy the site directory >>>> and run rb-site upgrade, instead of installing a new site directory, as >>>> some important state will otherwise change. >>>> >>>> Christian >>>> >>>> On Tue, Dec 12, 2017 at 1:54 AM, Peter Hodgson <[email protected]> >>>> wrote: >>>> >>>>> Hi Christian, >>>>> >>>>> Thanks very much, that was it exactly, the general settings page had >>>>> the url as http. The avatars are now working great. >>>>> >>>>> Is that setting generated from the --domain-name parameter of rb-site >>>>> install? I presume there's no way to set that on install? >>>>> >>>>> Thanks again, >>>>> Peter >>>>> >>>>> On Saturday, 9 December 2017 20:56:14 UTC, Christian Hammond wrote: >>>>>> >>>>>> Hi Peter, >>>>>> >>>>>> Thanks! >>>>>> >>>>>> This looks like it might be setting-related, so let's start there. >>>>>> Can you tell me if the Admin UI -> General Settings page lists the URL >>>>>> of >>>>>> the server as using http or https? And is Media URL using a relative >>>>>> path >>>>>> or a URL (and if so, is that using http or https)? >>>>>> >>>>>> Any uploaded avatar should be referenced based on the Media URL path, >>>>>> so I'd first suspect it to be that. If that's the case, this would also >>>>>> impact file attachments and their thumbnails. >>>>>> >>>>>> Christian >>>>>> >>>>>> On Fri, Dec 8, 2017 at 8:23 AM, Peter Hodgson <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi guys, >>>>>>> >>>>>>> Congrats on getting v3 out. I'm a big fan of ReviewBoard, it's >>>>>>> certainly made my life easier and v3 looks great. >>>>>>> >>>>>>> An issue I've having is uploaded avatar images not being shown >>>>>>> whilst using ReviewBoard through https as they are linked as http. >>>>>>> >>>>>>> Chrome reports them as >>>>>>> Mixed Content: The page at ' >>>>>>> https://redacted.com/ReviewBoard/dashboard/' was loaded over HTTPS, >>>>>>> but requested an insecure image ' >>>>>>> http://redacted.com/ReviewBoard/media/uploaded/avatars/p/pe/peter.hodgson__xyz.jpg'. >>>>>>> >>>>>>> This request has been blocked; the content must be served over HTTPS. >>>>>>> >>>>>>> My position is possibly complicated by the RB server being behind a >>>>>>> reverse proxy but I've had no other similar issues. >>>>>>> >>>>>>> Thanks in advance, >>>>>>> Peter >>>>>>> >>>>>>> -- >>>>>>> Supercharge your Review Board with Power Pack: >>>>>>> https://www.reviewboard.org/powerpack/ >>>>>>> Want us to host Review Board for you? Check out RBCommons: >>>>>>> https://rbcommons.com/ >>>>>>> Happy user? Let us know! https://www.reviewboard.org/users/ >>>>>>> --- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "reviewboard" group. >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>> send an email to [email protected]. >>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Christian Hammond >>>>>> President/CEO of Beanbag <https://www.beanbaginc.com/> >>>>>> Makers of Review Board <https://www.reviewboard.org/> >>>>>> >>>>> -- >>>>> Supercharge your Review Board with Power Pack: >>>>> https://www.reviewboard.org/powerpack/ >>>>> Want us to host Review Board for you? Check out RBCommons: >>>>> https://rbcommons.com/ >>>>> Happy user? Let us know! https://www.reviewboard.org/users/ >>>>> --- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "reviewboard" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> >>>> >>>> >>>> -- >>>> Christian Hammond >>>> President/CEO of Beanbag <https://www.beanbaginc.com/> >>>> Makers of Review Board <https://www.reviewboard.org/> >>>> >>> -- >> Supercharge your Review Board with Power Pack: >> https://www.reviewboard.org/powerpack/ >> Want us to host Review Board for you? Check out RBCommons: >> https://rbcommons.com/ >> Happy user? Let us know! https://www.reviewboard.org/users/ >> --- >> You received this message because you are subscribed to the Google Groups >> "reviewboard" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > > > > -- > Christian Hammond > President/CEO of Beanbag <https://www.beanbaginc.com/> > Makers of Review Board <https://www.reviewboard.org/> > -- Supercharge your Review Board with Power Pack: https://www.reviewboard.org/powerpack/ Want us to host Review Board for you? Check out RBCommons: https://rbcommons.com/ Happy user? Let us know! https://www.reviewboard.org/users/ --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
