[Dachs-support] UWS and user access control
Markus Demleitner
msdemlei at ari.uni-heidelberg.de
Wed May 4 09:31:26 CEST 2016
Hi Ivan,
On Tue, May 03, 2016 at 06:28:58PM +0200, Ivan Zolotukhin wrote:
> Tested, all works as expected now, except a new bug was discovered
> when accessing a job xml created with HTTP auth headers:
>
> In gavo serve debug:
>
> 2016-05-03 18:14:46+0200 [-] *X*X* Can only pass-through bytes on
> Python 2 (see info for traceback)
> 2016-05-03 18:14:46+0200 [-] "10.120.0.14" - - [03/May/2016:16:14:46
> +0000] "GET /stop/lvg/r/uws.xml/7dmR7W HTTP/1.1" 500 530 "-" "-"
>
> ... and then nothing happens until HTTP timeout is reached.
Ah -- the background here is that if you pass in a unicode string
(hence the mention of python 2 -- the problem is probably gone in
python 3) to any header field in twisted web 1 (which nevow and hence
DaCHS build upon), the whole header is encoded in (IIRC) UCS-32 --
which of course (and rightly) confuses HTTP clients.
In my patch yesterday I forgot to guard against unicode leaking in
the location. I claim this is fixed in rev. 5028.
If a similar thing happens again (in which case I might not be so
sure where unicode has crept in), you can help me by running
sudo ngrep -d lo -x ".*" port 8080
repeating the request and sending me the output of the ngrep.
[unsolicited testimonial: ngrep is a terribly useful tool anyway]
Thanks,
Markus
More information about the Dachs-support
mailing list