View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0009869 | mantisbt | bugtracker | public | 2008-11-22 07:08 | 2009-02-18 08:10 |
Reporter | dirkdatzert | Assigned To | jreese | ||
Priority | normal | Severity | major | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Fixed in Version | 1.1.6 | ||||
Summary | 0009869: application error 2800 still in version 1.1.5 | ||||
Description | after clearing the cache and updating from 1.1.4 to 1.1.5 the bug report page failes always on the second new bug trying to add. | ||||
Tags | No tags attached. | ||||
has duplicate | 0009950 | closed | jreese | Upgrade to 1.1.5 did not fix bug posting error found on issue 0009754 |
has duplicate | 0009977 | closed | jreese | Report Issue -> Jumps in wrong project -> Application Error 2800 |
has duplicate | 0010049 | closed | jreese | Error 2008 |
has duplicate | 0010195 | closed | jreese | Reporting Issue |
As far as I tracked down the problem the form_security_token named 'bug_report_token' is in the form, but isn't validated correct by form_security_validate which returns false on the second bug report. I fixed it for my local version by form_security_validate will always return true now. |
|
An other solution special for IE would be the change in core.php: |
|
The problem I assume is that the 'bug_report_token' doesn't change (which it should), which is why form_security_validate() will fail. Do you have a proxy server between you and the web server? I'm just trying to gather as much data as I can to figure this out... |
|
Ok - I wanted to make sure I eliminated 2800 entirely before I posted this.. It is a backward simplistic fix but it works. It seems I have defeated it.. It has not reapeared in firefox 3.x or ie7 for windows vista since i changed these and I tested on Apache 2.x and IIS7. The approach I used forces IE to refresh the cache every time automatically without having to press alt key then refresh or without changing ie config or clearing cache manually. I have not disabled proxy-revalidate yet but dont think I will need to since this has NOT failed yet and I am on like 20 posts to several projects most of which were done sequencially one after another. Add the 3 lines listed below to 4 files:
SOME MORE ADVICE: You can just make one file and call it something like 2800fix.php and just use includes in those 4 files. You can probably put it in config_inc.php or core.php so every page on the site does this but I dont recommnend that. P.S. I am using 1.1.4 |
|
BTW - Forgot to mention.. The page does nto fully refresh until you submit a trouble report meaning when you hit back button after you get an error for like not filling in a required feild, your browser WILL retain all feilds so you dont have to fill them in again. This is NOT the case if you use the recommnded file.. i.e. commenting out the dollowing line: #case 'IE': With the recommnded fix, mantis becomes a headache since you MUST fill in all feilds again which can take minutes or even hours with long complicated posts. |
|
There is no proxy between browser and server. I compared the values of 'bug_report_token' which were different on the two form pages. |
|
Ok, I think we finally have this issue nailed down. The appropriate patches for each branch have been committed, which adds 'Last-Modified' headers to the output of core.php. This fixes the root problem of the server returning 302 Not Modified, and because of that, fixes the problems where IE6 and friends did not pull a new form security token. At the same time, we were able to return back to sending the necessary caching headers for IE6 and IE7 to retain form contents when pressing the back button, in case of mistakes. The patches listed below can be applied to 1.1.5 to solve the problem, until we can get a 1.1.6 release tested and out the door. Again, clear your browser's cache after applying the fix to be sure the issue has been resolved. |
|
jreese - thank you for the fix. this was a tough assignment. no problems on my end reported at all. did you ever fix the issue related to password hashing in emails - the one that when you click on the verify password link you get the mantis error? please email me or add a quick blurb to this post. Thanks, TOm |
|
Yes, that problem was fixed in the normal 1.1.5 release. See issue 0009713. |
|
MantisBT: master 14d3d357 2008-11-24 09:11 Details Diff |
Revert <a class="text" href="/?p=mantisbt.git;a=object;h=c6821f71">c6821f71</a>, fix 0009754, 0009869, 0009323 by adding Last-Modified headers to match Expires. Commit has been tested on: FF 2.0.14 FF 3.0.4 IE 8.0.6001.18241 IE 6.0.2900.5122 GC 0.4.154.23 Opera 9.51.10081 |
Affected Issues 0009323, 0009754, 0009869 |
|
mod - core.php | Diff File | ||
MantisBT: master-1.1.x 161a677e 2008-11-24 09:11 Details Diff |
Revert <a class="text" href="/?p=mantisbt.git;a=object;h=4ee424e1">4ee424e1</a>, fix 0009754, 0009869, 0009323 by adding Last-Modified headers to match Expires. Commit has been tested on: FF 2.0.14 FF 3.0.4 IE 8.0.6001.18241 IE 6.0.2900.5122 GC 0.4.154.23 Opera 9.51.10081 |
Affected Issues 0009323, 0009754, 0009869, 0009892 |
|
mod - core.php | Diff File |