[Xymon] disable not always working in 4.3.25
J.C. Cleaver
cleaver at terabithia.org
Wed Feb 10 22:50:17 CET 2016
On Wed, February 10, 2016 11:14 am, John Thurston wrote:
> I can disable tests when I use
> https://x.foo.com/xymon-seccgi/enadis.sh
>
> but when I try to disable tests from a host's "info" page, it quietly
> fails.
>
> https://x.foo.com/xymon-cgi/svcstatus.sh?HOST=y.foo.com&SERVICE=info
>
> I suspect this is related to the cgi_refererok function added to
> lib/cgi.c I can see there may be a chance at some logging, but I can't
> figure out which module on which to enable --debug.
>
> Can someone tell me where I will find the output from cgi_refererok
>> errprintf("Disallowed request due to missing HTTP_HOST variable\n");
> or from enadis.c
>> dbgprintf("Not coming from self or svcstatus; abort\n");
>
>
Sigh.
There are actually two bugs here:
1) 'info' pages cannot run the javascript validating used for actually
submitting the page to enadis.sh, and
2) the 'enadis.sh' page incorrectly redirecting afterwards when it's
finished with its processing.
The following two patches should fix these both. (Tested on Chrome, but
not yet Firefox.) If you can validate them, that would be helpful.
-jc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: svcstatus-cspfix.patch
Type: text/x-patch
Size: 2064 bytes
Desc: not available
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20160210/2c44777e/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: enadis-secfix.patch
Type: text/x-patch
Size: 634 bytes
Desc: not available
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20160210/2c44777e/attachment-0001.bin>
More information about the Xymon
mailing list