View Issue Details

IDProjectCategoryView StatusLast Update
0001190Main CAcert Websitewebsite contentpublic2014-01-08 00:22
Reporterlaw Assigned ToNEOatNHNG  
PriorityimmediateSeveritymajorReproducibilityalways
Status closedResolutionfixed 
PlatformPCOSWindows 
Product Version2013 Q3 
Target Version2013 Q3Fixed in Version2013 Q3 
Summary0001190: News does not display teaser
DescriptionAfter the recent blog update, the teaser is no longer displayed on the CAcert start page. The teaser is still contained in the feed (https://blog.cacert.org/feed/).
Steps To ReproduceOpen CAcert start page
Look at it
Additional Informationthe old rss shows the following lines for the description:
<description>
German Version below ...
</description>

the new rss shows the following line for the description:
<description><![CDATA[German Version below ... ]></description>
TagsNo tags attached.
Reviewed byNEOatNHNG, BenBE
Test Instructions

Activities

law

2013-07-13 22:08

administrator   ~0004129

It would be nice if we could solve this problem in the upcoming software meeting latest. I will try to remember to join the meeting, but failed so during the last months. Feel free to poke me via Skype/Jabber/ICQ if I don't show up myself.

MartinGummi

2013-07-14 08:02

updater  

feed.rss (24,169 bytes)

MartinGummi

2013-07-14 08:11

updater  

feed_old.rss (5,246 bytes)

INOPIAE

2013-07-14 11:22

updater   ~0004130

I pushed a fix to https://github.com/INOPIAE/CAcert/tree/bug-1190
For the testing on the testserver the cronjob to get the blog needs to be updated:
https://wiki.cacert.org/Software/Assessment/20100817-S-A-MiniTOP-telco?highlight=%28feed.rss%29
https://wiki.cacert.org/SystemAdministration/Systems/Webdb#Cron_jobs

law

2013-07-14 15:51

administrator   ~0004134

Last edited: 2013-07-14 16:22

View 2 revisions

OK, I have the feeling that there is development and communication over various channels. I propose to resort to this forum so development is not done twice. It seems that just fixing the line for the description shuffles the order of the output.

To maintain the current expected output, I propose the following patch:
(updated, see POST below)

Please test, since I have not a test system running.

Uli60

2013-07-14 16:04

updater   ~0004135

Last edited: 2013-07-14 16:28

View 5 revisions

fixes
 https://bugs.cacert.org/view.php?id=1190#c4130
and
 https://bugs.cacert.org/view.php?id=1190#c4134
tested on local server.

Both doesn't work ! (empty news block)
=> fail

problem with https://bugs.cacert.org/view.php?id=1190#c4134
syntax error, unexpected T_ECHO in /git/cacert/pages/index/0.php on line 68

with a slight modification in line 68 and line 71 (removing the echo after the variables) there is at least an output.
But there is still a problem:
text shows as:

<![CDATA[German Version below There will be an ATE in Graz (AT) on 16th Augut 2013. More details on the wiki. There are a couple of options to indicate that you are attending: - Email I will attend ATE-Graz - Edit the wiki directly As IanG said: “The ATE or Assurer Training Event is exceptionally recommended for all [...]]]>

this also relates on the https://github.com/MarioLipinski/CAcert/compare/bug-1190-a codebase

law

2013-07-14 16:21

administrator   ~0004136

OK, after review a few things were missed, possible also others. See updated changeset at
https://github.com/MarioLipinski/CAcert/compare/bug-1190

I also fixed some other things for compatibility with future PHP versions, not sure if we want to push it through SA right now, since I want to have a patch for this bug applied ASAP.
https://github.com/MarioLipinski/CAcert/compare/bug-1190-a

law

2013-07-14 16:28

administrator   ~0004137

Patches updated again, please test:

https://github.com/MarioLipinski/CAcert/compare/bug-1190
https://github.com/MarioLipinski/CAcert/compare/bug-1190-a

Uli60

2013-07-14 16:30

updater   ~0004138

=> fail
see addtl. comments under https://bugs.cacert.org/view.php?id=1190#c4135

Uli60

2013-07-14 16:49

updater   ~0004139

https://github.com/MarioLipinski/CAcert/blob/bug-1190-a/pages/index/0.php
revision tested:
to be ok

a. teaser as expected (without ..CDATA..) => ok
b. order teaser link => ok
c. 3rd text includes braces [German version below] => ok

=> ok

MartinGummi

2013-07-14 20:28

updater   ~0004140

Last edited: 2013-07-14 20:51

View 2 revisions

Change parsing of new feed from blog.cacert.org via XML Parser

https://github.com/magujs/cacert-devel/commit/c710807ebccbff5e1fceaaaed81d4bc1d5f5dda0

INOPIAE

2013-07-14 20:58

updater   ~0004141

The test shows now the teaser text.
=> ok

BenBE

2013-07-14 20:59

updater   ~0004142

Used patch provided by magu

mkm

2013-07-14 21:18

reporter   ~0004143

I can confirm that the teaser text shows up in the test system.

INOPIAE

2013-07-14 21:29

updater   ~0004144

please review as at least two tester tested.

Werner Dworak

2013-07-15 05:43

updater   ~0004146

I can confirm that the teaser text shows up in the test system.

Uli60

2013-07-15 15:01

updater   ~0004150

teaser shows up => ok
order: title, description, link => ok

but count of blog articles shown
is an unknown count of blog arcticles
where only the most 3 current articles
shall be shown
=> FAIL

Uli60

2013-07-15 15:02

updater   ~0004151

please limit the count of shown articles to
most recent 3 blog articles (as it was before the patch)

NEOatNHNG

2013-07-15 17:09

administrator   ~0004153

Last edited: 2013-07-15 17:10

View 2 revisions

I have fixed a few issues:

- Directly inserting links could have led to XSS if someone managed to manipulate the RSS feed from the blog

- removed quirks used in UTF-8-handling left over from the previous implementation

- limited news entries shown to 3

Please test and review

law

2013-07-15 17:17

administrator   ~0004154

OK

mkm

2013-07-15 18:51

reporter   ~0004155

I can confirm that only the most recent three blog articles show up in the test system.

MartinGummi

2013-07-15 18:56

updater   ~0004156

=>OK

INOPIAE

2013-07-15 20:41

updater   ~0004157

shows only the last tree blog entries..
=> ok

INOPIAE

2013-07-15 20:41

updater   ~0004158

please review an deploy

BenBE

2013-07-15 21:17

updater   ~0004159

2nd Review OK. Transfer to critical.

wytze

2013-07-16 08:06

developer   ~0004160

The patch has been installed on the production server on July 16, 2013. See also:
https://lists.cacert.org/wws/arc/cacert-systemlog/2013-07/msg00005.html

INOPIAE

2013-07-18 19:22

updater   ~0004170

The actual teaser for "Improvement in CAcert Software" shows a problem of special characters.
one’s instead one’s

MartinGummi

2013-07-18 19:44

updater   ~0004171

Last edited: 2013-07-18 22:55

View 2 revisions

drop fix

law

2013-07-18 22:32

administrator   ~0004172

This looks like a bug in WordPress for me. The description is delivered as CDATA. I guess WordPress should not do entity replacements in a CDATA section.

NEOatNHNG

2013-08-14 21:02

administrator   ~0004228

I have read the RSS spec again: The description may contain HTML markup so it's strictly speaking not a bug in wordpress (although as they also have a <content:encoded> where they really do HTML it still might well be). I have solved this first decoding all entities and then encoding all entities again which should make sure that Unicode entities get properly displayed and still no HTML mark-up comes through.

Please test and review.

BenBE

2013-08-14 22:26

updater   ~0004230

I had a somewhat hard time to follow the recode step as the documentation[1] might need a recode doc..human to be straight forward. Especially I had to lookup if ..html was reencoding angel brackets or not as unfortunately this was not documented in PHP[2] nor directly visible from the documentation[1] of librecode.

[1] http://recode.progiciels-bpi.ca/manual/HTML.html#HTML
[2] http://php.net/manual/de/function.html-entity-decode.php

Since I don't have php-recode installed for PHP locally I can't test my assumption and thus am not sure about this patch (given one of the most central aspects can't be checked).

Thus - given I read the documentation correctly - the patch is okay, but I'm not sure enough to tick of the second review.

law

2013-08-15 02:06

administrator   ~0004231

@NEOatNHNG (4228): I was not referring to RSS, but XML.

The description is enclosed in <![CDATA[ ... ]]>. From my brief research, the CDATA section may contain XML special characters, such as < > &, ... Thus, using entities in a CDATA section is some sort of double encoding.

MartinGummi

2013-08-20 19:19

updater   ~0004234

improve links for mobile devices https://github.com/magujs/cacert-devel/commit/99e9476675f7ef9f8a4559fab63234433f645393

INOPIAE

2013-08-20 19:54

updater   ~0004235

Last edited: 2013-08-20 21:08

View 2 revisions

The starting page shows the "..." correct at the end of the first entry.
=> ok
The link on the headres work => ok

=> ok

BenBE

2013-08-20 20:15

updater   ~0004238

Minor update to Magu's patch and support for display of line-breaks in blog post excerpts.

NEOatNHNG

2013-08-20 20:42

administrator   ~0004241

Changes look good. Needs testing once the testserver-stable branch is active on the testserver again.

Uli60

2013-08-20 21:05

updater   ~0004244

current setting on cacert1 (2013-08-20 23:05) shows
[...] 3 dotted points at the end of article 1
no entities
=> ok

law

2013-08-20 21:34

administrator   ~0004245

Getestet
OK

wytze

2013-09-14 10:24

developer   ~0004315

The follow-on patch has been installed on the production server on September 14, 2013. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2013-09/msg00005.html

Issue History

Date Modified Username Field Change
2013-07-13 20:04 law New Issue
2013-07-13 22:08 law Note Added: 0004129
2013-07-14 08:02 MartinGummi File Added: feed.rss
2013-07-14 08:11 MartinGummi File Added: feed_old.rss
2013-07-14 08:38 INOPIAE Additional Information Updated View Revisions
2013-07-14 08:43 INOPIAE Additional Information Updated View Revisions
2013-07-14 11:22 INOPIAE Note Added: 0004130
2013-07-14 11:22 INOPIAE Assigned To => BenBE
2013-07-14 11:22 INOPIAE Status new => fix available
2013-07-14 15:51 law Note Added: 0004134
2013-07-14 16:00 BenBE Source_changeset_attached => cacert-devel testserver-stable a5293e4e
2013-07-14 16:00 INOPIAE Source_changeset_attached => cacert-devel testserver-stable 7c026b89
2013-07-14 16:04 Uli60 Note Added: 0004135
2013-07-14 16:08 Uli60 Note Edited: 0004135 View Revisions
2013-07-14 16:17 Uli60 Note Edited: 0004135 View Revisions
2013-07-14 16:21 law Note Added: 0004136
2013-07-14 16:22 law Note Edited: 0004134 View Revisions
2013-07-14 16:22 Uli60 Note Edited: 0004135 View Revisions
2013-07-14 16:28 Uli60 Note Edited: 0004135 View Revisions
2013-07-14 16:28 law Note Added: 0004137
2013-07-14 16:30 Uli60 Note Added: 0004138
2013-07-14 16:49 Uli60 Note Added: 0004139
2013-07-14 20:28 MartinGummi Note Added: 0004140
2013-07-14 20:51 MartinGummi Note Edited: 0004140 View Revisions
2013-07-14 20:58 INOPIAE Note Added: 0004141
2013-07-14 20:59 BenBE Reviewed by => BenBE
2013-07-14 20:59 BenBE Note Added: 0004142
2013-07-14 20:59 BenBE Status fix available => needs review & testing
2013-07-14 20:59 BenBE Category misc => website content
2013-07-14 20:59 BenBE Fixed in Version => 2013 Q3
2013-07-14 21:00 BenBE Source_changeset_attached => cacert-devel testserver-stable 407ceee1
2013-07-14 21:00 BenBE Source_changeset_attached => cacert-devel testserver-stable 044d8705
2013-07-14 21:00 MartinGummi Source_changeset_attached => cacert-devel testserver-stable c710807e
2013-07-14 21:00 MartinGummi Source_changeset_attached => cacert-devel testserver-stable 0099d331
2013-07-14 21:18 mkm Note Added: 0004143
2013-07-14 21:29 INOPIAE Note Added: 0004144
2013-07-14 21:29 INOPIAE Assigned To BenBE => NEOatNHNG
2013-07-14 21:29 INOPIAE Status needs review & testing => needs review
2013-07-15 05:43 Werner Dworak Note Added: 0004146
2013-07-15 15:01 Uli60 Note Added: 0004150
2013-07-15 15:02 Uli60 Note Added: 0004151
2013-07-15 15:02 Uli60 Assigned To NEOatNHNG => MartinGummi
2013-07-15 15:02 Uli60 Status needs review => needs work
2013-07-15 16:45 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable a99e549a
2013-07-15 16:45 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable 28497771
2013-07-15 16:45 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable 362ed35d
2013-07-15 16:55 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable 5378f427
2013-07-15 16:55 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable 1ce850c5
2013-07-15 16:55 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable e590fec9
2013-07-15 16:55 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable f1a4f67a
2013-07-15 17:00 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable 2c14e26e
2013-07-15 17:00 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable ae73936f
2013-07-15 17:09 NEOatNHNG Reviewed by BenBE => NEOatNHNG
2013-07-15 17:09 NEOatNHNG Note Added: 0004153
2013-07-15 17:09 NEOatNHNG Assigned To MartinGummi => BenBE
2013-07-15 17:09 NEOatNHNG Status needs work => needs review & testing
2013-07-15 17:10 NEOatNHNG Note Edited: 0004153 View Revisions
2013-07-15 17:17 law Note Added: 0004154
2013-07-15 18:51 mkm Note Added: 0004155
2013-07-15 18:56 MartinGummi Note Added: 0004156
2013-07-15 20:41 INOPIAE Note Added: 0004157
2013-07-15 20:41 INOPIAE Note Added: 0004158
2013-07-15 20:41 INOPIAE Status needs review & testing => needs review
2013-07-15 21:17 BenBE Reviewed by NEOatNHNG => NEOatNHNG, BenBE
2013-07-15 21:17 BenBE Note Added: 0004159
2013-07-15 21:17 BenBE Status needs review => ready to deploy
2013-07-16 08:06 wytze Note Added: 0004160
2013-07-16 08:06 wytze Status ready to deploy => solved?
2013-07-16 08:06 wytze Resolution open => fixed
2013-07-16 21:35 BenBE Source_changeset_attached => cacert-devel release 6b57530d
2013-07-18 19:22 INOPIAE Note Added: 0004170
2013-07-18 19:22 INOPIAE Assigned To BenBE => NEOatNHNG
2013-07-18 19:22 INOPIAE Status solved? => needs work
2013-07-18 19:44 MartinGummi Note Added: 0004171
2013-07-18 22:32 law Note Added: 0004172
2013-07-18 22:55 MartinGummi Note Edited: 0004171 View Revisions
2013-07-18 22:56 MartinGummi Assigned To NEOatNHNG => MartinGummi
2013-08-14 20:50 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable f2d5e5e9
2013-08-14 20:50 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable bf5344ce
2013-08-14 21:02 NEOatNHNG Note Added: 0004228
2013-08-14 21:02 NEOatNHNG Assigned To MartinGummi => BenBE
2013-08-14 21:02 NEOatNHNG Status needs work => needs review & testing
2013-08-14 21:02 NEOatNHNG Reviewed by NEOatNHNG, BenBE => NEOatNHNG
2013-08-14 22:26 BenBE Note Added: 0004230
2013-08-15 02:06 law Note Added: 0004231
2013-08-20 19:19 MartinGummi Note Added: 0004234
2013-08-20 19:45 BenBE Source_changeset_attached => cacert-devel testserver-stable 1095e9dc
2013-08-20 19:45 BenBE Source_changeset_attached => cacert-devel testserver-stable cb81c234
2013-08-20 19:45 BenBE Source_changeset_attached => cacert-devel testserver-stable 1a1a0c72
2013-08-20 19:54 INOPIAE Note Added: 0004235
2013-08-20 20:15 BenBE Reviewed by NEOatNHNG => BenBE
2013-08-20 20:15 BenBE Note Added: 0004238
2013-08-20 20:15 BenBE Assigned To BenBE => NEOatNHNG
2013-08-20 20:42 NEOatNHNG Reviewed by BenBE => NEOatNHNG, BenBE
2013-08-20 20:42 NEOatNHNG Note Added: 0004241
2013-08-20 20:42 NEOatNHNG Status needs review & testing => needs testing
2013-08-20 21:05 Uli60 Note Added: 0004244
2013-08-20 21:08 INOPIAE Note Edited: 0004235 View Revisions
2013-08-20 21:34 law Note Added: 0004245
2013-08-27 19:11 BenBE Status needs testing => ready to deploy
2013-09-10 22:05 BenBE Source_changeset_attached => cacert-devel release 55d2a7b1
2013-09-14 10:24 wytze Note Added: 0004315
2013-09-14 10:24 wytze Status ready to deploy => solved?
2014-01-08 00:22 INOPIAE Status solved? => closed