Ticket #1407 (closed defect: fixed)
InternalRedirect conflict with nested variables and decoding filter
|Reported by:||simonk||Owned by:||anonymous|
(I think this is related to ticket #1340, but I don't want to hijack someone else's ticket without permission - please feel free to close as a duplicate if you think it is appropriate)
I get a problem when I try to access a URL protected by Identity with parameters that are parsed by the nested variables filter (eg. /protected_url?a.b=1&a.c=2), when I am not logged in. Instead of being directed to the login page, I get a stack trace from the decoding filter.
The attached patch to the identity test suite should hopefully show the problem. Basically, I think the CherryPy? decoding filter is running after the nested variables filter when an Identity check is involved, and it doesn't know how to deal with dicts. The stack trace is:
Traceback (most recent call last): File "C:\Python24\lib\site-packages\cherrypy-2.2.1-py2.4.egg\cherrypy\_cphttptools.py", line 103, in _run applyFilters('before_main') File "C:\Python24\lib\site-packages\cherrypy-2.2.1-py2.4.egg\cherrypy\filters\__init__.py", line 151, in applyFilters method() File "C:\Python24\lib\site-packages\cherrypy-2.2.1-py2.4.egg\cherrypy\filters\decodingfilter.py", line 31, in before_main self.decode(enc) File "C:\Python24\lib\site-packages\cherrypy-2.2.1-py2.4.egg\cherrypy\filters\decodingfilter.py", line 50, in decode decodedParams[key] = value.decode(enc) AttributeError: 'dict' object has no attribute 'decode'
Since ticket #1340 is about unicode strings rather than nested variables, is it possible that the filters are actually being run twice when redirecting to the failure_url, causing the decode filter to decode things that are already unicode strings (the problem in #1340) or dictionaries (in the nested variables case).
- Summary changed from Identity conflict with nested variables and decoding filter to InternalRedirect conflict with nested variables and decoding filter
- Status changed from closed to reopened
- Version changed from 1.0.2 to trunk
- Resolution fixed deleted
- Severity changed from normal to blocker