Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

deleting your own startpage causes infinite loop #4117

Closed
jhaar opened this issue Sep 1, 2017 · 0 comments
Closed

deleting your own startpage causes infinite loop #4117

jhaar opened this issue Sep 1, 2017 · 0 comments
Assignees
Labels
Milestone

Comments

@jhaar
Copy link

@jhaar jhaar commented Sep 1, 2017

I have a test account and after fiddling with Dashboards under my admin account, went and logged in with it and got an infinite loop of "cannot load xxxxx"

Figured out that I must have set the startpage to a Dashboard that I later deleted. Then when you log in, it tries to load your startpage, fails, and goes into a loop. Freaked me out - I thought I had an authentication problem and couldn't stop it (ended up killing the tab to get rid of it).

Expected Behavior

I think it should check the first attempt and if a 403 occurs, STOP. The loop is the only issue

Your Environment

  • Graylog Version: 2.3.1
  • Elasticsearch Version:
  • MongoDB Version:
  • Operating System:
  • Browser version: Chrome 60
@joschi joschi added this to the 2.3.2 milestone Sep 12, 2017
@dennisoelkers dennisoelkers self-assigned this Sep 12, 2017
dennisoelkers added a commit that referenced this issue Sep 12, 2017
Before this change, the user was redirected to the user's startpage,
when fetching an entity failed with an http error code of 403 (obviously
being the case for non-admin users only, admin users either get the
entity or a 404). This results in an infinite redirect loop if the
missing or non-permitted entity/resource is the same as the configured
start page.

With this change, the user is redirected to the already existing "Not
found" page previously used to handle nonexisting resources. This also
raises the user's attention that the configured start page is
inaccessible.

Fixes #4117.
@ghost ghost added the in progress label Sep 12, 2017
joschi added a commit that referenced this issue Sep 12, 2017
Before this change, the user was redirected to the user's startpage,
when fetching an entity failed with an http error code of 403 (obviously
being the case for non-admin users only, admin users either get the
entity or a 404). This results in an infinite redirect loop if the
missing or non-permitted entity/resource is the same as the configured
start page.

With this change, the user is redirected to the already existing "Not
found" page previously used to handle nonexisting resources. This also
raises the user's attention that the configured start page is
inaccessible.

Fixes #4117.
dennisoelkers added a commit that referenced this issue Sep 13, 2017
Before this change, the user was redirected to the user's startpage,
when fetching an entity failed with an http error code of 403 (obviously
being the case for non-admin users only, admin users either get the
entity or a 404). This results in an infinite redirect loop if the
missing or non-permitted entity/resource is the same as the configured
start page.

With this change, the user is redirected to the already existing "Not
found" page previously used to handle nonexisting resources. This also
raises the user's attention that the configured start page is
inaccessible.

Fixes #4117.

(cherry picked from commit c89f7d6)
@joschi joschi closed this in #4143 Sep 13, 2017
joschi added a commit that referenced this issue Sep 13, 2017
Before this change, the user was redirected to the user's startpage,
when fetching an entity failed with an http error code of 403 (obviously
being the case for non-admin users only, admin users either get the
entity or a 404). This results in an infinite redirect loop if the
missing or non-permitted entity/resource is the same as the configured
start page.

With this change, the user is redirected to the already existing "Not
found" page previously used to handle nonexisting resources. This also
raises the user's attention that the configured start page is
inaccessible.

Fixes #4117

(cherry picked from commit c89f7d6)
@ghost ghost removed the in progress label Sep 13, 2017
@joschi joschi modified the milestones: 2.3.2, 2.4.0 Oct 19, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

4 participants
You can’t perform that action at this time.