mobile_api_json_reply sends extra stuff at the top, making it invalid json
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| Mahara |
High
|
Leo Xiong | ||
| 1.8 |
High
|
Robert Lyon |
Bug Description
An example is this, using the wrong api token
D/RestClient( 2917): Response = <form name="jsdetecto
D/RestClient( 2917): <input name="javascrip
D/RestClient( 2917): <script type="text/
D/RestClient( 2917): document.
D/RestClient( 2917): </script>
D/RestClient( 2917): </form>
Stolen from a maharadroid with a patch to log the responses, but that can be obtained with easier ways.
Just need to find the jsdectector stuff and make sure it isn't done in a part of mahara that has json reply in it. This may actually break some of the json stuff as well? or the /api/mobile/
Aaron Wells (u-aaronw) wrote : | #1 |
tags: | added: maharadroid |
Changed in mahara: | |
status: | Triaged → Opinion |
status: | Opinion → New |
Patch for "master" branch: https:/
Changed in mahara: | |
status: | New → In Progress |
assignee: | nobody → Leo Xiong (hello-w) |
Aaron Wells (u-aaronw) wrote : | #3 |
I should really put together some documentation on the wiki, of all the different page-top constants we use...
Reviewed: https:/
Committed: http://
Submitter: Aaron Wells (<email address hidden>)
Branch: master
commit 4eb4e184586422a
Author: Leo Xiong <email address hidden>
Date: Tue Jan 14 16:34:01 2014 +1300
Added define('JSON', 1) and define('NOSESSKEY') to remove jsdetector and the requirement of a session key from api/mobile/sync.php and also upload.php. bug #1268788
Change-Id: I87d304e7ed80ad
Signed-off-by: Leo Xiong <email address hidden>
Changed in mahara: | |
status: | In Progress → Fix Committed |
Patch for "master" branch: https:/
Reviewed: https:/
Committed: http://
Submitter: Robert Lyon (<email address hidden>)
Branch: master
commit 1a5d395cdb87a7e
Author: Aaron Wells <email address hidden>
Date: Tue Jan 21 14:39:42 2014 +1300
Revert "Add class JavascriptDetector for checking if javascript is enabled"
This reverts commit 1cdc0486e956fbc
The JSDetector class has caused three regressions so far (Bug 1270846,
Bug 1261610, and Bug 1268788). Since it's been buggy and it's not
actively in use anywhere in the site, I think we should revert it.
Change-Id: If32d5adf8733ce
Patch for "1.8_STABLE" branch: https:/
Reviewed: https:/
Committed: http://
Submitter: Robert Lyon (<email address hidden>)
Branch: 1.8_STABLE
commit a1ac59ae8179f01
Author: Leo Xiong <email address hidden>
Date: Tue Jan 14 16:34:01 2014 +1300
Added define('JSON', 1) and define('NOSESSKEY') to remove jsdetector and the requirement of a session key from api/mobile/sync.php and also upload.php. bug #1268788
Change-Id: I87d304e7ed80ad
Signed-off-by: Leo Xiong <email address hidden>
Changed in mahara: | |
status: | Fix Committed → Fix Released |
See also https:/ /bugs.launchpad .net/mahara/ +bug/1261610