Contrib.social

Check access in file.ajax_progress route

Open on Drupal.org β†’
Created on 6 May 2024, 7 months ago
Updated 17 July 2024, 4 months ago

The path /file/progress/{key} is always available even for anonymous users. So if you navigate to /file/progress/test route you will end up with the following weird message.

{"message":"Starting upload...","percentage":-1}

I propose the route should return 403 or 404 when progress is not available for a given upload process.

πŸ› Bug report
Status

Needs work

Version

11.0 πŸ”₯

Component
File systemΒ  β†’

Last updated about 3 hours ago

Created by

πŸ‡·πŸ‡ΊRussia Chi

Live updates comments and jobs are added and updated live.
  • Needs issue summary update

    Issue summaries save everyone time if they are kept up-to-date. See Update issue summary task instructions.

Sign in to follow issues

Merge Requests

Comments & Activities

  • Issue created by @Chi
  • Comment 6 months ago β†’
    πŸ‡¦πŸ‡ΊAustralia kim.pepper πŸ„β€β™‚οΈπŸ‡¦πŸ‡ΊSydney, Australia

    kim.pepper β†’ made their first commit to this issue’s fork.

  • Merge request !8036#3445399 Check if upload progress is available β†’ (Open) created by kim.pepper
  • Pipeline finished with Canceled
    6 months ago
    Total: 33s
    #171249
  • Pipeline finished with Canceled
    6 months ago
    Total: 76s
    #171250
  • Pipeline finished with Canceled
    6 months ago
    Total: 164s
    #171251
  • Status changed to Needs review 6 months ago
  • Comment 6 months ago β†’
    πŸ‡¦πŸ‡ΊAustralia kim.pepper πŸ„β€β™‚οΈπŸ‡¦πŸ‡ΊSydney, Australia

    I think it's feasible that anonymous users would be able to see file upload progress, so I don't think it's an access thing. But I do agree we should check if the extension is enabled.

    Created a MR.

  • Pipeline finished with Failed
    6 months ago
    Total: 692s
    #171257
  • Comment 6 months ago β†’
    πŸ‡·πŸ‡ΊRussia Chi

    @kim.pepper

    Even if the extension is enabled the message `{"message":"Starting upload...","percentage":-1}` will still appear when no upload process is available.

  • Status changed to Needs work 6 months ago
  • Comment 6 months ago β†’
    πŸ‡ΊπŸ‡ΈUnited States smustgrave

    Can the issue summary be updated to match the standard template?

    See there is a test failure so maybe updating that will be enough coverage for the change being made.

  • Comment 4 months ago β†’
    πŸ‡³πŸ‡ΏNew Zealand quietone
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024