OpenStack Dashboard (Horizon)

use a django form

Bug #1331434 reported by Matthias Runge
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Dashboard (Horizon)
Fix Released
High
Matthias Runge
OpenStack Dashboard (Horizon) 2015.1.0 "kilo"

Bug Description

https://github.com/openstack/horizon/blob/master/openstack_dashboard/dashboards/admin/metering/templates/metering/stats.html

uses a hard coded form, but should rather use django forms.
There's no real security check, csrf protection, etc.

Matthias Runge (mrunge)
Changed in horizon:
status: New → Triaged
importance: Undecided → High
Nikunj Aggarwal (nikunj2512)
Changed in horizon:
assignee: nobody → Nikunj Aggarwal (nikunj2512)
Matthias Runge (mrunge)
Changed in horizon:
assignee: Nikunj Aggarwal (nikunj2512) → Matthias Runge (mrunge)
Revision history for this message
Matthew D. Wood (woodm1979) wrote :

Also happens in:
https://github.com/openstack/horizon/blob/master/openstack_dashboard/dashboards/admin/metering/templates/metering/daily.html

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/107011

Changed in horizon:
status: Triaged → In Progress
OpenStack Infra (hudson-openstack)
Changed in horizon:
assignee: Matthias Runge (mrunge) → Nikunj Aggarwal (nikunj2512)
OpenStack Infra (hudson-openstack)
Changed in horizon:
assignee: Nikunj Aggarwal (nikunj2512) → Matthias Runge (mrunge)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (master)

Reviewed: https://review.openstack.org/107011
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=ca2e10c3e8efa6d5ae07a04ea0cd6a029dad7319
Submitter: Jenkins
Branch: master

commit ca2e10c3e8efa6d5ae07a04ea0cd6a029dad7319
Author: Matthias Runge <email address hidden>
Date: Tue Oct 14 11:26:42 2014 +0200

    Refactor metering dashboard

    - check date range for validity
    - use django forms
    - treat times according to users timezone

    Change-Id: I68182ddb4b00d19e54011722ebc770d9aa8e725c
    Closes-bug: #1331427
    Closes-bug: #1331434
    Closes-bug: #1288512

Changed in horizon:
status: In Progress → Fix Committed
Akihiro Motoki (amotoki)
Changed in horizon:
milestone: none → kilo-1
Thierry Carrez (ttx)
Changed in horizon:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in horizon:
milestone: kilo-1 → 2015.1.0
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.