is running Foswiki 2.0. Refresh your browser cache! Please report any issues to IRC #foswiki channel, or open a Task

Item1805: Foswiki Validation Method 'none' doesn't work propperly

Priority: Urgent
Current State: Closed
Released In: 1.0.7
Target Release: patch
Applies To: Engine
Reported By: AndreLichtsteiner
Waiting For:
Last Change By: KennethLavrsen
When saving a topic, Foswiki dies in an infinite rewrite loop requesting Confirmation, even thought we set Validation to 'none':

$Foswiki::cfg{Validation}{Method} = 'none';

We authenticate against Ldap using:
  • LoginManager: LdapApacheLogin
  • PasswordManager: LdapPasswdUser
  • UserMappingManager: LdapUserMapping

Proposed patch from Babar:

diff --git a/core/lib/Foswiki/ b/core/lib/Foswiki/
index 90ff428..751dc17 100644
--- a/core/lib/Foswiki/
+++ b/core/lib/Foswiki/
@@ -521,6 +521,9 @@ See Foswiki::Validation for more information.
 sub checkValidationKey {
     my ($session) = @_;
+    # If validation is disabled, do nothing
+    return if ( $Foswiki::cfg{Validation}{Method} eq 'none' );
     # Check the nonce before we do anything else
     my $nonce = $session->{request}->param('validation_key');
diff --git a/core/lib/Foswiki/ b/core/lib/Foswiki/
index 239a2e6..e04b813 100644
--- a/core/lib/Foswiki/
+++ b/core/lib/Foswiki/
@@ -163,9 +163,9 @@ Return false if not.
 sub isValidNonce {
     my ( $cgis, $nonce ) = @_;
-    print STDERR "V: CHECK: $nonce\n" if TRACE;
     return 1 if ( $Foswiki::cfg{Validation}{Method} eq 'none' );
     return 0 unless defined $nonce;
+    print STDERR "V: CHECK: $nonce\n" if TRACE;
     my $actions = $cgis->param('VALID_ACTIONS');
     return 0 unless ref($actions) eq 'HASH';
     return $actions->{$nonce};

-- Babar

Looks reasonable.

-- CrawfordCurrie - 13 Jul 2009

Ok, so I've committed it.

-- Babar - 13 Jul 2009

ItemTemplate edit

Summary Foswiki Validation Method 'none' doesn't work propperly
ReportedBy AndreLichtsteiner
Codebase 1.0.6
SVN Range Foswiki-1.0.0, Thu, 08 Jan 2009, build 1878
AppliesTo Engine
Priority Urgent
CurrentState Closed
Checkins distro:96320e0a2230 distro:3b40a4bd70bf
TargetRelease patch
ReleasedIn 1.0.7
Topic revision: r6 - 20 Sep 2009, KennethLavrsen
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License