[jira] [Commented] (OFBIZ-11609) Prevent recurring errors block due to generateTokenForNonAjax


Nicolas Malin (Jira)

    [ https://issues.apache.org/jira/browse/OFBIZ-11609?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17093331#comment-17093331 ]

ASF subversion and git services commented on OFBIZ-11609:
---------------------------------------------------------

Commit faf2827e67538854439cdd6c01a179a845a490d1 in ofbiz-framework's branch refs/heads/trunk from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=faf2827 ]

Improved: Prevent recurring errors block due to generateTokenForNonAjax

(OFBIZ-11609)

Fixes the if(test): toString() is not the same as getCanonicalName()

Also while at it, in case of exception, uses NoCsrfDefenseStrategy as default


> Prevent recurring errors block due to generateTokenForNonAjax
> -------------------------------------------------------------
>
>                 Key: OFBIZ-11609
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-11609
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework/security
>    Affects Versions: Trunk
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>            Priority: Trivial
>             Fix For: Upcoming Branch
>
>
> After the VM demos crash yesterday, I had a look at the log of trunk demo and found a lot of recurring error blocks due to CsrfUtil::generateTokenForNonAjax.
> It's not a big deal but it's annoying to have such useless errors cluttering the log:
> {noformat}
> 2020-04-26 06:58:41,803 |27.0.0.1-8009-exec-2 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocumentTree
> 2020-04-26 06:58:41,803 |27.0.0.1-8009-exec-2 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/ListDocument
> 2020-04-26 06:58:41,803 |27.0.0.1-8009-exec-2 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocument
> 2020-04-26 06:58:41,804 |27.0.0.1-8009-exec-2 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /removeDocumentFromTree
> 2020-04-26 06:58:41,804 |27.0.0.1-8009-exec-2 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /'+ url+'
> 2020-04-26 07:04:32,310 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /partymgr/control/viewprofile?partyId=admin&amp&#x3b;externalLoginKey=EL29aae5fb-64de-444e-860f-072ef093e1aa
> 2020-04-26 07:04:41,957 |27.0.0.1-8009-exec-9 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocumentTree
> 2020-04-26 07:04:41,957 |27.0.0.1-8009-exec-9 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/ListDocument
> 2020-04-26 07:04:41,958 |27.0.0.1-8009-exec-9 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocument
> 2020-04-26 07:04:41,958 |27.0.0.1-8009-exec-9 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /removeDocumentFromTree
> 2020-04-26 07:04:41,959 |27.0.0.1-8009-exec-9 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /'+ url+'
> 2020-04-26 07:14:42,668 |27.0.0.1-8009-exec-7 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocumentTree
> 2020-04-26 07:14:42,668 |27.0.0.1-8009-exec-7 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/ListDocument
> 2020-04-26 07:14:42,668 |27.0.0.1-8009-exec-7 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocument
> 2020-04-26 07:14:42,669 |27.0.0.1-8009-exec-7 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /removeDocumentFromTree
> 2020-04-26 07:14:42,670 |27.0.0.1-8009-exec-7 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /'+ url+'
> 2020-04-26 07:19:48,079 |27.0.0.1-8009-exec-5 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocumentTree
> 2020-04-26 07:19:48,079 |27.0.0.1-8009-exec-5 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/ListDocument
> 2020-04-26 07:19:48,080 |27.0.0.1-8009-exec-5 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocument
> 2020-04-26 07:19:48,080 |27.0.0.1-8009-exec-5 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /removeDocumentFromTree
> 2020-04-26 07:19:48,081 |27.0.0.1-8009-exec-5 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /'+ url+'
> 2020-04-26 07:23:55,085 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocumentTree
> 2020-04-26 07:23:55,086 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/ListDocument
> 2020-04-26 07:23:55,086 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocument
> 2020-04-26 07:23:55,086 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /removeDocumentFromTree
> 2020-04-26 07:23:55,087 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /'+ url+'
> 2020-04-26 07:24:30,958 |27.0.0.1-8009-exec-9 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /partymgr/control/viewprofile?partyId=admin&amp&#x3b;externalLoginKey=EL8b90e8cb-cf5d-4759-94d6-088c500e91fc
> 2020-04-26 07:24:41,370 |7.0.0.1-8009-exec-10 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocumentTree
> 2020-04-26 07:24:41,370 |7.0.0.1-8009-exec-10 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/ListDocument
> 2020-04-26 07:24:41,370 |7.0.0.1-8009-exec-10 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocument
> 2020-04-26 07:24:41,370 |7.0.0.1-8009-exec-10 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /removeDocumentFromTree
> 2020-04-26 07:24:41,371 |7.0.0.1-8009-exec-10 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /'+ url+'
> 2020-04-26 07:24:55,451 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocumentTree
> 2020-04-26 07:24:55,451 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/ListDocument
> 2020-04-26 07:24:55,452 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocument
> 2020-04-26 07:24:55,452 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /removeDocumentFromTree
> 2020-04-26 07:24:55,453 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /'+ url+'
> 2020-04-26 07:24:55,768 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /AdminSearch
> 2020-04-26 07:24:55,770 |27.0.0.1-8009-exec-3 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /AdminSearch
> 2020-04-26 07:26:31,353 |27.0.0.1-8009-exec-9 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocumentTree
> 2020-04-26 07:26:31,353 |27.0.0.1-8009-exec-9 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/ListDocument
> 2020-04-26 07:26:31,354 |27.0.0.1-8009-exec-9 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /views/EditDocument
> 2020-04-26 07:26:31,354 |27.0.0.1-8009-exec-9 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /removeDocumentFromTree
> 2020-04-26 07:26:31,355 |27.0.0.1-8009-exec-9 |CsrfUtil                      |E| Cannot find the corresponding request map for path: /'+ url+'
> {noformat}
> This is moreover maybe only useful if the token CSRF defense is used, and it's easy to bypass



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
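
The toString() versus getCanonicalName() distinction named in the commit message, shown as an added example that is not OFBiz code. All class and method names below are hypothetical, and the shape of the comparison is an assumption, since the patch itself is not on this page.

```java
// Added illustration; every name here is hypothetical, not taken from OFBiz.
interface DefenseStrategy {}
class NoDefense implements DefenseStrategy {}
class TokenDefense implements DefenseStrategy {}

public class StrategyNameCheck {

    // Instantiate the configured strategy class. On any reflective failure,
    // fall back to NoDefense, mirroring the "in case of exception" default
    // described in the commit message.
    static DefenseStrategy load(String configuredClassName) {
        try {
            return (DefenseStrategy) Class.forName(configuredClassName)
                    .getDeclaredConstructor().newInstance();
        } catch (ReflectiveOperationException | ClassCastException e) {
            return new NoDefense();
        }
    }

    // Broken test: Class.toString() prefixes the name with "class " (or
    // "interface "), so it never equals a bare class name and the guarded
    // branch is taken regardless of the active strategy.
    static boolean isNoDefenseByToString(DefenseStrategy s) {
        return NoDefense.class.getCanonicalName().equals(s.getClass().toString());
    }

    // Intended test: compare canonical name with canonical name.
    static boolean isNoDefenseByCanonicalName(DefenseStrategy s) {
        return NoDefense.class.getCanonicalName().equals(s.getClass().getCanonicalName());
    }

    public static void main(String[] args) {
        DefenseStrategy active = load("NoDefense");
        System.out.println("toString():          " + active.getClass().toString());
        System.out.println("getCanonicalName():  " + active.getClass().getCanonicalName());
        System.out.println("match via toString:  " + isNoDefenseByToString(active));
        System.out.println("match via canonical: " + isNoDefenseByCanonicalName(active));

        // A misconfigured class name ends up on the fallback strategy.
        DefenseStrategy fallback = load("does.not.Exist");
        System.out.println("fallback is NoDefense: " + isNoDefenseByCanonicalName(fallback));
    }
}
```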