- Status changed to Needs review
almost 2 years ago 8:41am 1 March 2023 - 🇳🇿New Zealand RoSk0 Wellington
Changing the title and description to better reflect what is actually happening here and why.
Also I will start with just the test to proof missing support for various use cases:
- when website is access by authenticated users over CloudFlare
- when website is configure in the flexible encryption mode
- when website have intermediaries between CloudFlare and the origin server, like for example Kubernetes ingress controller or Azure Application Gateway
For starters this patch includes priority change from 🐛 Not original IPs on "access denied", "page not found", Ban module Closed: outdated just to show that authenticated users are still getting insecure cookie in flexible encryption mode with the priority change.
Could not generate interdiff as module moved one since patch in #5, the changes are:
- update number changed from 8003 => 8005
- event subscriber priority from 🐛 Not original IPs on "access denied", "page not found", Ban module Closed: outdated
request->server->get()
calls received default values (somehow that was breaking test)- added functional test
The last submitted patch, 7: cloudflare-3280262-7.patch, failed testing. View results →
- codesniffer_fixes.patch Interdiff of automated coding standards fixes only.- 🇳🇿New Zealand RoSk0 Wellington
Functional test failed in expected way, unit tests failed because of missing configuration value - fixed.
And now with the middleware.
- Status changed to Fixed
almost 2 years ago 7:35pm 1 March 2023 - 🇳🇿New Zealand RoSk0 Wellington
Tests are green, manual testing on a real project went good as well.
Automatically closed - issue fixed for 2 weeks with no activity.