Re: Issue 3406 in reviewboard: output json without html entity escape in script tag
Updates: Status: Fixed Comment #3 on issue 3406 by chip...@gmail.com: output json without html entity escape in script tag http://code.google.com/p/reviewboard/issues/detail?id=3406 Fixed in today's Djblets releases. -- You received this message because this project is configured to send all issue notifications to this address. You may adjust your notification preferences at: https://code.google.com/hosting/settings -- You received this message because you are subscribed to the Google Groups "reviewboard-issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-issues+unsubscr...@googlegroups.com. To post to this group, send email to reviewboard-issues@googlegroups.com. Visit this group at http://groups.google.com/group/reviewboard-issues. For more options, visit https://groups.google.com/d/optout.
Re: Issue 3399 in reviewboard: v2.0.1, RB throws LookupError in convert_to_unicode for ISO-8859 with CRLF file
Updates: Status: Fixed Comment #3 on issue 3399 by trowb...@gmail.com: v2.0.1, RB throws LookupError in convert_to_unicode for ISO-8859 with CRLF file http://code.google.com/p/reviewboard/issues/detail?id=3399 Fixed in release-2.0.x (d4c4887). Thanks! -- You received this message because this project is configured to send all issue notifications to this address. You may adjust your notification preferences at: https://code.google.com/hosting/settings -- You received this message because you are subscribed to the Google Groups "reviewboard-issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-issues+unsubscr...@googlegroups.com. To post to this group, send email to reviewboard-issues@googlegroups.com. Visit this group at http://groups.google.com/group/reviewboard-issues. For more options, visit https://groups.google.com/d/optout.
Re: Issue 3403 in reviewboard: Getting Something Broke error from the server Active Directory authentication with correct password.
Comment #4 on issue 3403 by shivai...@gmail.com: Getting Something Broke
error from the server Active Directory authentication with correct password.
http://code.google.com/p/reviewboard/issues/detail?id=3403
Hi i enabled mail service on the reviewboard. and it sent me a mail on the
failure of AD login of the user with trace. I am pasting the error here.
please do help me to solve the issue.
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/core/handlers/base.py",
line 112, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/views/decorators/debug.py",
line 75, in sensitive_post_parameters_wrapper
return view(request, *args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/utils/decorators.py",
line 99, in _wrapped_view
response = view_func(request, *args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/views/decorators/cache.py",
line 52, in _wrapped_view_func
response = view_func(request, *args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/contrib/auth/views.py",
line 36, in login
if form.is_valid():
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/forms/forms.py",
line 129, in is_valid
return self.is_bound and not bool(self.errors)
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/forms/forms.py",
line 121, in errors
self.full_clean()
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/forms/forms.py",
line 274, in full_clean
self._clean_form()
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/forms/forms.py",
line 300, in _clean_form
self.cleaned_data = self.clean()
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/contrib/auth/forms.py",
line 189, in clean
password=password)
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/contrib/auth/__init__.py",
line 49, in authenticate
user = backend.authenticate(**credentials)
File "/usr/local/lib/python2.7/dist-packages/ReviewBoard-2.0.1-py2.7.egg/reviewboard/accounts/backends.py",
line 652, in authenticate
filter_format('(&(objectClass=user)(sAMAccountName=%s))',
NameError: global name 'filter_format' is not defined
,
POST:u'csrfmiddlewaretoken': [u''], u'password':
[u''], u'next': [u'']}>,
COOKIES:{'csrftoken': 'TLdRU7OxUbrKxqi3JfyDpOEGnnkdsChe',
'rbsessionid': 'sgucjsx6pt89rztr97m2y2blw0qsct1s'},
META:{'CONTENT_LENGTH': '94',
'CONTENT_TYPE': 'application/x-www-form-urlencoded',
'CONTEXT_DOCUMENT_ROOT': '/var/www/reviewboard/htdocs',
'CONTEXT_PREFIX': '',
u'CSRF_COOKIE': u'TLdRU7OxUbrKxqi3JfyDpOEGnnkdsChe',
'DOCUMENT_ROOT': '/var/www/reviewboard/htdocs',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT':
'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate',
'HTTP_ACCEPT_LANGUAGE': 'en-US,en;q=0.5',
'HTTP_CONNECTION': 'Keep-Alive',
'HTTP_COOKIE': 'csrftoken=TLdRU7OxUbrKxqi3JfyDpOEGnnkdsChe;
rbsessionid=sgucjsx6pt89rztr97m2y2blw0qsct1s',
'HTTP_HOST': 'reviewboard.ecosense.co.in',
'HTTP_REFERER': 'http://reviewboard.ecosense.co.in/account/login/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0)
Gecko/20100101 Firefox/29.0',
'HTTP_X_FORWARDED_FOR': '42.104.24.166',
'HTTP_X_FORWARDED_HOST': 'reviewboard.ecosense.co.in',
'HTTP_X_FORWARDED_SERVER': 'reviewboard.ecosense.co.in',
'PATH_INFO': u'/account/login/',
'PATH_TRANSLATED':
'/var/www/reviewboard/htdocs/reviewboard.wsgi/account/login/',
'QUERY_STRING': '',
'REMOTE_ADDR': '192.168.1.10',
'REMOTE_PORT': '56371',
'REQUEST_METHOD': 'POST',
'REQUEST_SCHEME': 'http',
'REQUEST_URI': '/account/login/',
'SCRIPT_FILENAME': '/var/www/reviewboard/htdocs/reviewboard.wsgi',
'SCRIPT_NAME': u'',
'SERVER_ADDR': '192.168.1.9',
'SERVER_ADMIN': '[no address given]',
'SERVER_NAME': 'reviewboard.ecosense.co.in',
'SERVER_PORT': '80',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SIGNATURE': 'Apache/2.4.7 (Ubuntu) Server at
reviewboard.ecosense.co.in Port 80\n',
'SERVER_SOFTWARE': 'Apache/2.4.7 (Ubuntu)',
'mod_wsgi.application_group': 'reviewboard.ecosense.co.in|',
'mod_wsgi.callable_object': 'application',
'mod_wsgi.enable_sendfile': '0',
'mod_wsgi.handler_script': '',
'mod_wsgi.input_chunked': '0',
'mod_wsgi.listener_host': '',
'mod_wsgi.listener_port': '80',
'mod_wsgi.process_group': '',
'mod_wsgi.queue_start': '1401973462400462',
'mod_wsgi.request_handler': 'wsgi-script',
'mod_wsgi.script_reloading': '1',
'mod_wsgi.version': (3, 4),
'wsgi.errors': ,
'wsgi.file_wrapper':
Re: Issue 3406 in reviewboard: output json without html entity escape in script tag
Comment #2 on issue 3406 by chip...@gmail.com: output json without html entity escape in script tag http://code.google.com/p/reviewboard/issues/detail?id=3406 Can you e-mail us privately with a name we can use for crediting the find? -- You received this message because this project is configured to send all issue notifications to this address. You may adjust your notification preferences at: https://code.google.com/hosting/settings -- You received this message because you are subscribed to the Google Groups "reviewboard-issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-issues+unsubscr...@googlegroups.com. To post to this group, send email to reviewboard-issues@googlegroups.com. Visit this group at http://groups.google.com/group/reviewboard-issues. For more options, visit https://groups.google.com/d/optout.
Re: Issue 3407 in reviewboard: Perforce review fails with UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 20: ordinal not in range(128)
Comment #1 on issue 3407 by labor...@gmail.com: Perforce review fails with UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 20: ordinal not in range(128) http://code.google.com/p/reviewboard/issues/detail?id=3407 Further on this - it turns out that having a quote " character in the change request was causing this. -- You received this message because this project is configured to send all issue notifications to this address. You may adjust your notification preferences at: https://code.google.com/hosting/settings -- You received this message because you are subscribed to the Google Groups "reviewboard-issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-issues+unsubscr...@googlegroups.com. To post to this group, send email to reviewboard-issues@googlegroups.com. Visit this group at http://groups.google.com/group/reviewboard-issues. For more options, visit https://groups.google.com/d/optout.
Issue 3407 in reviewboard: Perforce review fails with UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 20: ordinal not in range(128)
Status: New
Owner:
Labels: Type-Defect Priority-Medium
New issue 3407 by labor...@gmail.com: Perforce review fails with
UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 20:
ordinal not in range(128)
http://code.google.com/p/reviewboard/issues/detail?id=3407
*** READ THIS BEFORE POSTING!
***
*** You must complete this form in its entirety, or your bug report will be
rejected.
***
*** For customer support, please post to reviewbo...@googlegroups.com
***
*** If you have a patch, please submit it to
http://reviews.reviewboard.org/
***
*** Do not post confidential information in this bug report!
What version are you running?
2.0
What's the URL of the page containing the problem?
/reviews
What steps will reproduce the problem?
1. Posting a review with a perforce depot
2.
3.
What is the expected output? What do you see instead?
Here's the error backtrace:
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/core/handlers/base.py",
line 112, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/views/decorators/cache.py",
line 52, in _wrapped_view_func
response = view_func(request, *args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Django-1.6.5-py2.7.egg/django/views/decorators/vary.py",
line 19, in inner_func
response = func(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Djblets-0.8-py2.7.egg/djblets/webapi/resources.py",
line 451, in __call__
result = view(request, api_format=api_format, *args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Djblets-0.8-py2.7.egg/djblets/webapi/resources.py",
line 672, in post
return self.create(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Djblets-0.8-py2.7.egg/djblets/webapi/decorators.py",
line 115, in _call
return view_func(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/ReviewBoard-2.0-py2.7.egg/reviewboard/webapi/decorators.py",
line 110, in _check
return view_func(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Djblets-0.8-py2.7.egg/djblets/webapi/decorators.py",
line 115, in _call
return view_func(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Djblets-0.8-py2.7.egg/djblets/webapi/decorators.py",
line 136, in _checklogin
return view_func(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Djblets-0.8-py2.7.egg/djblets/webapi/decorators.py",
line 115, in _call
return view_func(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Djblets-0.8-py2.7.egg/djblets/webapi/decorators.py",
line 115, in _call
return view_func(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Djblets-0.8-py2.7.egg/djblets/webapi/decorators.py",
line 285, in _validate
return view_func(*args, **new_kwargs)
File "/usr/local/lib/python2.7/dist-packages/ReviewBoard-2.0-py2.7.egg/reviewboard/webapi/resources/review_request.py",
line 561, in create
create_from_commit_id=create_from_commit_id)
File "/usr/local/lib/python2.7/dist-packages/ReviewBoard-2.0-py2.7.egg/reviewboard/reviews/managers.py",
line 135, in create
review_request.update_from_commit_id(commit_id)
File "/usr/local/lib/python2.7/dist-packages/ReviewBoard-2.0-py2.7.egg/reviewboard/reviews/models/base_review_request_details.py",
line 181, in update_from_commit_id
changeset = scmtool.get_changeset(commit_id, allow_empty=True)
File "/usr/local/lib/python2.7/dist-packages/ReviewBoard-2.0-py2.7.egg/reviewboard/scmtools/perforce.py",
line 330, in get_changeset
allow_empty)
File "/usr/local/lib/python2.7/dist-packages/ReviewBoard-2.0-py2.7.egg/reviewboard/scmtools/perforce.py",
line 391, in parse_change_desc
split = changeset.description.find('\n\n')
UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 20:
ordinal not in range(128)
,
POST:[u'devsrc-2666']}>,
COOKIES:{'rbsessionid': 'x6goqyige4r9po0dg0al15jgsobv47c4'},
META:{'CONTENT_LENGTH': '265',
'CONTENT_TYPE': 'multipart/form-data;
boundary=10.252.243.193.502.93799.1402046892.425.1',
'DOCUMENT_ROOT': '/var/www/mobile.reviews/htdocs',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT_ENCODING': 'identity',
'HTTP_CONNECTION': 'close',
'HTTP_COOKIE': 'rbsessionid=x6goqyige4r9po0dg0al15jgsobv47c4',
'HTTP_HOST': 'mobile-dev.eng.citrite.net',
'HTTP_USER_AGENT': 'RBTools/0.4.2',
'PATH_INFO': u'/reviews/api/review-requests/',
'PATH_TRANSLATED':
'/var/www/mobile.reviews/htdocs/reviewboard.wsgi/reviews/api/review-requests/',
'QUERY_STRING': '',
'REMOTE_ADDR': '10.252.243.193',
'REMOTE_PORT': '55005',
'REQUEST_METHOD': 'POST',
'REQUEST_URI': '/reviews/api/review-requests/',
'SCRIPT_FILENAME': '/var/www/mobile.reviews/htdocs/reviewboard.wsgi',
'SCRI
Re: Issue 3406 in reviewboard: output json without html entity escape in script tag
Updates: Status: Started Owner: chip...@gmail.com Comment #1 on issue 3406 by chip...@gmail.com: output json without html entity escape in script tag http://code.google.com/p/reviewboard/issues/detail?id=3406 Thanks for the report. In the future, so that we can address these issues before they go public, can you post to secur...@reviewboard.org? -- You received this message because this project is configured to send all issue notifications to this address. You may adjust your notification preferences at: https://code.google.com/hosting/settings -- You received this message because you are subscribed to the Google Groups "reviewboard-issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard-issues+unsubscr...@googlegroups.com. To post to this group, send email to reviewboard-issues@googlegroups.com. Visit this group at http://groups.google.com/group/reviewboard-issues. For more options, visit https://groups.google.com/d/optout.
Issue 3406 in reviewboard: output json without html entity escape in script tag
Status: New
Owner:
Labels: Type-Defect Priority-Medium
New issue 3406 by uchida...@gmail.com: output json without html entity
escape in script tag
http://code.google.com/p/reviewboard/issues/detail?id=3406
*** READ THIS BEFORE POSTING!
***
*** You must complete this form in its entirety, or your bug report will be
rejected.
***
*** For customer support, please post to reviewbo...@googlegroups.com
***
*** If you have a patch, please submit it to
http://reviews.reviewboard.org/
***
*** Do not post confidential information in this bug report!
What version are you running?
What's the URL of the page containing the problem?
https://reviews.reviewboard.org/r/5570/diff/
What steps will reproduce the problem?
1. The name change to "alert".
2. Add comment for review diff.
3. When view diff, pop up alert.
What is the expected output? What do you see instead?
What operating system are you using? What browser?
Please provide any additional information below.
`{"name": " alert(1)"}` is valid josn.
But it output into script tag
```
var json = {"name": " alert(1)"};
```
same this
```
var json = {"name": "
alert(1)
"};
```
https://code.google.com/p/reviewboard/source/browse/trunk/reviewboard/reviews/templatetags/reviewtags.py#154
https://code.google.com/p/reviewboard/source/browse/trunk/reviewboard/reviews/templatetags/reviewtags.py#202
I think the characters &, < and > should be escaped in result from
simplejson.dumps, or use JSONEncoderForHTML.
https://github.com/simplejson/simplejson/blob/master/simplejson/encoder.py#L353
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
--
You received this message because you are subscribed to the Google Groups
"reviewboard-issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to reviewboard-issues+unsubscr...@googlegroups.com.
To post to this group, send email to reviewboard-issues@googlegroups.com.
Visit this group at http://groups.google.com/group/reviewboard-issues.
For more options, visit https://groups.google.com/d/optout.
