View Issue Details

IDProjectCategoryView StatusLast Update
0025892mantisbtbugtrackerpublic2019-08-02 15:59
Reporter123 Assigned Todregad  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionduplicate 
Product Version2.21.1 
Summary0025892: Incorrect operation of the helper_generate_cache_key() function.
Description

Statuses are displayed as black squares if you make a full update on the page login_password_page.php in the process of user reauthentication.

This situation can occur both as a result of the user's active actions, for example, if he presses Shift + F5 or as a result of the operation of the built-in mechanisms for updating the cache by the browser.

This behavior occurs because the helper_generate_cache_key () function uses the current_iser_id, which on this page is equal to the current user, as the salt in the process of generating the cache key. In this case, status_config.php gives an empty response if the referer_page is equal to login_password_page.php. Further, the browser caches the file with the correct key and empty contents and does not attempt to update it when returning to the system.

Steps To Reproduce

Here is a sequence of actions that will lead to a black status:

  1. Wait until the TOKEN_AUTHENTICATED expires under your user;
  2. Go to your account settings or to the "management" section if it is available to you;
  3. On the password entry page (login_password_page.php) of the current user, you need to completely update the page in any way (in google chrome it is Shift + F5);
  4. Enter the password of the current user.

After that, all statuses will be displayed as black squares.

TagsNo tags attached.

Relationships

duplicate of 0024189 closedcproensa Status color squares become black 

Activities

123

123

2019-06-28 04:06

reporter   ~0062330

PR https://github.com/mantisbt/mantisbt/pull/1522

cproensa

cproensa

2019-07-09 07:18

developer   ~0062372

Thanks for your analysis, and good work on catching the cause of this bug!

So, i'll put the issue the other way:
When the user is in the reathentication page, the CSS that is generated as status_config.php is returned blank. If that instance of the file is cached at that point in time, it remains in use for succesive page loads and the satus colors are not rendered.

I think the proper solution is to solve why that css is not generated correctly at that point.
The cache key for the file is generated ok, and not providing it by matching the server request, etc, is actually a hack.

cproensa

cproensa

2019-07-09 09:24

developer   ~0062373

I have submitted a different fix:
https://github.com/mantisbt/mantisbt/pull/1526

dregad

dregad

2019-07-15 10:29

developer   ~0062389

@123, my understanding is that this issue is effectively fixed by @cproensa's fix for 0024189; I will therefore resolve it as duplicate. If you disagree with this, please feel free to reopen.