← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #87191

[Bug 1894801] Re: django encoding issue in password setting

  Thread PreviousDate PreviousThread Next 
Reviewed:  https://review.opendev.org/c/openstack/horizon/+/806949
Committed: https://opendev.org/openstack/horizon/commit/e68e23937341d03be7475d71903f31a61403c1e2
Submitter: "Zuul (22348)"
Branch:    master

commit e68e23937341d03be7475d71903f31a61403c1e2
Author: Radomir Dopieralski <openstack@xxxxxxxxxxxx>
Date:   Wed Sep 1 18:01:41 2021 +0200

    Escape unicode characters when setting logout_reason cookie
    
    Change-Id: Ic61a3958461a4a939acc40d1039881e2d4c3a1cd
    Closes-bug: #1894801


** Changed in: horizon
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1894801

Title:
  django encoding issue in password setting

Status in OpenStack Dashboard (Horizon):
  Fix Released

Bug description:
  Env: devstack master branch / devstack ussuri/stable branch

  Steps to reproduce:

  1. Go to admin - Settings - User Settings
  2. Change language from English(en) to 한국어(ko) (or Japanese etc.)
  3. Go to 'Change Password' panel and change your password

  Then, it makes '500 internal server error'.

  Error info:
  2020-09-08 06:48:02.024858 DEBUG openstack_dashboard.api.keystone Creating a new keystoneclient connection to http://192.168.1.10/identity/v3.
  2020-09-08 06:48:02.025560 DEBUG keystoneauth.session REQ: curl -g -i -X GET http://192.168.1.10/identity/v3/users/a6afb486ad9b4200a4ed37b6865f4e65 -H "Accept: application/json" -H "Forwarded: for=61.72.172.1;by=python-keystoneclient" -H "User-Agent: python-keystoneclient" -H "X-Auth-Token: {SHA256}121fbe208e018ce54881718f444281142427350e3e97e2f825ed14670d66b323"
  2020-09-08 06:48:02.052111 DEBUG keystoneauth.session RESP: [200] Connection: close Content-Length: 248 Content-Type: application/json Date: Tue, 08 Sep 2020 06:48:02 GMT Server: Apache/2.4.29 (Ubuntu) Vary: X-Auth-Token x-openstack-request-id: req-8bd7b3f9-e47c-4132-ae0a-3334c253fbf2
  2020-09-08 06:48:02.052284 DEBUG keystoneauth.session RESP BODY: {"user": {"id": "a6afb486ad9b4200a4ed37b6865f4e65", "name": "admin", "domain_id": "default", "enabled": true, "password_expires_at": null, "options": {}, "links": {"self": "http://192.168.1.10/identity/v3/users/a6afb486ad9b4200a4ed37b6865f4e65"}}}
  2020-09-08 06:48:02.052313
  2020-09-08 06:48:02.052396 DEBUG keystoneauth.session GET call to identity for http://192.168.1.10/identity/v3/users/a6afb486ad9b4200a4ed37b6865f4e65 used request id req-8bd7b3f9-e47c-4132-ae0a-3334c253fbf2
  2020-09-08 06:48:02.052686 DEBUG openstack_dashboard.api.keystone Creating a new keystoneclient connection to http://192.168.1.10/identity/v3.
  2020-09-08 06:48:02.132947 mod_wsgi (pid=22999): Exception occurred processing WSGI script '/opt/stack/horizon/openstack_dashboard/wsgi.py'.
  2020-09-08 06:48:02.133017 Traceback (most recent call last):
  2020-09-08 06:48:02.133033   File "/usr/local/lib/python3.6/dist-packages/django/core/handlers/wsgi.py", line 150, in __call__
  2020-09-08 06:48:02.133036     start_response(status, response_headers)
  2020-09-08 06:48:02.133046 ValueError: unicode object contains non latin-1 characters

  Then, I printed response header and logout_reason includes
  uninterpretable string.

  2020-09-08 07:40:56.926214 [('Content-Type', 'text/html;
  charset=utf-8'), ('Location', '/dashboard/auth/logout/'), ('X-Frame-
  Options', 'SAMEORIGIN'), ('Vary', 'Accept-Language, Cookie'),
  ('Content-Language', 'ko'), ('Content-Length', '0'), ('Set-Cookie', '
  logout_reason="\xeb\xb9\x84\xeb\xb0\x80\xeb\xb2\x88\xed\x98\xb8\xeb\xa5\xbc
  \xeb\xb3\x80\xea\xb2\xbd\xed\x95\x98\xec\x98\x80\xec\x8a\xb5\xeb\x8b\x88\xeb\x8b\xa4.
  \xeb\x8b\xa4\xec\x8b\x9c \xeb\xa1\x9c\xea\xb7\xb8\xec\x9d\xb8
  \xed\x95\xb4\xec\xa3\xbc\xec\x8b\xad\xec\x8b\x9c\xec\x98\xa4.";
  expires=Tue, 08 Sep 2020 07:41:06 GMT; Max-Age=10; Path=/'), ('Set-
  Cookie', ' logout_status=success; expires=Tue, 08 Sep 2020 07:41:06
  GMT; Max-Age=10; Path=/'), ('Set-Cookie', '
  sessionid=fc6dlnkbz9hvv3xp5mrs4gbhtqqhg586; expires=Tue, 08 Sep 2020
  08:40:29 GMT; HttpOnly; Max-Age=3573; Path=/; SameSite=Lax')]

  I debugged horizon codes and I found problem-causing part.

  - 'handle' method in 'horizon/openstack_dashboard/dashboards/settings/password/forms.py'
  - 'add_logout_reason' function in 'horizon/horizon/utils/functions.py'

  In 'add_logout_reason" function, it translates logout_reason message to Korean and adds translated message into cookie.
  I think translated message makes errors.
  It works without errors when you don't set a password reason message on the cookie or message doesn't include unicode characters.

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1894801/+subscriptions

References

  Thread PreviousDate PreviousThread Next