Task #9139 (closed)
Bug: web public url_filter
Reported by: | wmoore | Owned by: | cxallan |
---|---|---|---|
Priority: | critical | Milestone: | OMERO-4.4 |
Component: | Web | Version: | n.a. |
Keywords: | n.a. | Cc: | |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | 0.0d |
Sprint: | 2012-07-03 (18) |
Description
I have these values set up
jrs-macbookpro-25107:OMERO will$ omero config get omero.web.debug=True omero.web.public.enabled=True omero.web.public.password=ome omero.web.public.url_filter=webtest omero.web.public.user=emdb_public
However, when I go to localhost:8000/webtest
I don't get logged in (redirected to webclient login).
If I do this, then the public login works for that url:
diff --git a/components/tools/OmeroWeb/omeroweb/decorators.py b/components/tools/OmeroWeb/omeroweb/decorators.py index 7acbf48..bf41ef1 100644 --- a/components/tools/OmeroWeb/omeroweb/decorators.py +++ b/components/tools/OmeroWeb/omeroweb/decorators.py @@ -155,7 +155,9 @@ class login_required(object): Verifies that the URL for the resource being requested falls within the scope of the OMERO.webpublic URL filter. """ - return settings.PUBLIC_URL_FILTER.match(request.path) is not None + p = request.path.strip("/") + return settings.PUBLIC_URL_FILTER.match(p) is not None def get_connection(self, server_id, request):
I'm no regex expert, but I'm sure there's a nicer way to fix this one?
Change History (6)
comment:1 Changed 12 years ago by cxallan
- Remaining Time set to 0.25
comment:2 Changed 12 years ago by cxallan
- Status changed from new to accepted
comment:3 Changed 12 years ago by jburel
- Sprint changed from 2012-06-19 (17) to 2012-07-03 (18)
comment:4 Changed 12 years ago by cxallan
- Remaining Time changed from 0.25 to 0
- Resolution set to fixed
- Status changed from accepted to closed
Closed by upstream commit on sprint18-bugfixes:
comment:5 Changed 12 years ago by Chris Allan <callan@…>
(In [41c8f373f925e8d552ed64600d7810b5489ba2ca/ome.git] on branch develop) Add a safety net for partial OMERO.webpublic configuration. (See #9139)
comment:6 Changed 12 years ago by Chris Allan <callan@…>
(In [85f04ef083af284934100da75fa05580c472338e/ome.git] on branch develop) Switch OMERO.webpublic URL filter to re.search. (Fixes #9139)
Previously the OMERO.webpublic URL filter was using re.match, which
would not allow more flexible regular expression matching. Switching to
re.search means that "exotic" matching techniques can be used, but does
mean that more explicit regular expressions are needed when attempting
to filter based on a base URL:
- 'webtest' matches '/webtest' but also '/webclient/webtest'
- 'dataset' matches '/webtest/dataset' and also '/webclient/dataset'
- '/webtest' matches '/webtest...' but also '/webclient/webtest'
- '/webtest' matches '/webtest...' but not '/webclient/webtest'
We'll have to be very explicit about this in the documentation if we
choose to keep the re.search.
Moved from sprint 2012-06-19 (17)