[Cubicweb] post login patch

Sylvain Thénault sylvain.thenault at logilab.fr
Thu Feb 18 07:37:54 CET 2010


On 17 février 18:09, Vincent Godard wrote:
> Hi there,

Hi,
 
> since changeset 7b9824d1b734, the request form contains a lot of
> values, displayed in the login redirect by _postlogin, leading to a
> nasty url.
> 
> We propose following simple patch of web/application.py :
> 
> diff -r 1e4547bfcc99 web/application.py
> --- a/web/application.py Wed Feb 17 13:44:51 2010 +0100
> +++ b/web/application.py Wed Feb 17 18:04:51 2010 +0100
> @@ -204,7 +204,7 @@
> # we can't differentiate actual login of automatic session
> # reopening. Is it actually a problem?
> self._update_last_login_time(req)
> - args = req.form
> + args = {}
> args['__message'] = req._('welcome %s !') % req.user.login
> if 'vid' in req.form:
> args['vid'] = req.form['vid']

huum, what kind of nasty things ? IMO we shouldn't erase all the form 
values since we expect to be redirected on the page we were trying to
get when redirected to login. Also, how did you generate that unapplyable
patch ?

-- 
Sylvain Thénault                               LOGILAB, Paris (France)
Formations Python, Debian, Méth. Agiles: http://www.logilab.fr/formations
Développement logiciel sur mesure:       http://www.logilab.fr/services
CubicWeb, the semantic web framework:    http://www.cubicweb.org




More information about the Cubicweb mailing list