-
Notifications
You must be signed in to change notification settings - Fork 307
Calipso fails to initiate the session when proxy-search request comes in #267
Comments
Which branch are you using, I thought this was fixed some time ago, but I'll make sure it gets into whatever branch you're using.
|
I am using master branch (yesterday I've checked out fresh 0.3.50 version, and it still was failing at these requests) |
I pushed and published a fix to this. I am currently working on the module_refactor which now also contains this fix.
|
BTW: Which authentication are you using? I was unable to readily reproduce the problem, but I could see that the code didn’t double check that req.session was set.
|
Thanks for an explanation! |
I fixed the error in both branches and published a new npm. Eventually i Sent from my iPhone On Dec 19, 2014, at 12:46 AM, Alex notifications@github.com wrote: Thanks for an explanation! — |
This has been fixed. |
Well, I guess it is a Windows thing, but I manage to recreate this bug on master and module_refactor freshly-installed branch. |
You're still seeing the session problem? Sent from my iPhone On Dec 22, 2014, at 8:42 AM, Alex notifications@github.com wrote: Well, I guess it is a Windows thing, but I manage to recreate this bug on — |
Yes, the same problem - the log from the very installation is shown below. The error is thrown because no session is initialized (unable to read _req.session.user_ property)
|
This must be in a second place then. I saw you added an initialization to the session, but that can cause problems with the authentication system.
|
Thanks a lot! I'll try to examine it as well. |
I am unable to get into a scenario where the session is undefined. Which URL are you executing when this happens?
|
You need to telnet calipso in order to simulate it, the example request was listed in the very ticket. Basically it simulates proxy-search request (pretty bad guys who are doing it). |
This seems to actually be a bug in express.session. If the URL doesn't start with / then session will not get defined at all. I added a wrapper to express.session to default the session to {} in that case. |
Great that finally figured that out. |
Hello, hope that this will really help. I have Calipso working on my 80 port, so some guys constantly are bombing 80 port with proxy-search requests
The problem is that when these requests happen, following error crashes the Calipso
I've made a bit of research, and it appears that in the case of these requests object _req.session_ is not initialized, so the application crashes when tries to use it. So, I had to make a terrible, but working fix - in calipso.js, in routingFn() I've put this code:
I understand that this is an issue of Express or Everyauth library, but maybe there is a known solution for Calipso.
And thanks for a Calipso CMS!
The text was updated successfully, but these errors were encountered: