Actions
action #119356
openopenqa.opensuse.org login was again redirecting to wrong page due to our javascript code conducting DoS attacks
Start date:
2022-10-25
Due date:
% Done:
0%
Estimated time:
Tags:
Description
Motivation¶
In https://suse.slack.com/archives/C028VS8TM2B/p1666683731354889 fvogt said "Looks like the login on openqa.opensuse.org is broken again, the usual issue that it tries to log into mirrorcache(-br) instead". andriinikitin fixed this but suggested that related to https://github.com/os-autoinst/openQA/pull/4639 we should try to find out why javascript starts DoS at all and "Did you consider that /minion/history may need the same treatment because it is referenced from JS as well https://github.com/mojolicious/minion/blob/main/lib/Mojolicious/Plugin/Minion/resources/templates/minion/dashboard.html.ep#L35"
Acceptance criteria¶
- AC1: The code in /minion/history is ensured to not cause DoS attacks
Suggestions¶
- Try to find out why javascript starts DoS at all
- Consider that /minion/history may need the same treatment because it is referenced from JS as well https://github.com/mojolicious/minion/blob/main/lib/Mojolicious/Plugin/Minion/resources/templates/minion/dashboard.html.ep#L35
Actions