View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000921 | Main CAcert Website | Audit issues | public | 2011-04-17 02:09 | 2013-01-15 15:31 |
Reporter | Uli60 | Assigned To | Uli60 | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Fixed in Version | 2011 Q3 | ||||
Summary | 0000921: http://www.cacert.org/index.php?id=10 fixes PP (Privacy Policy) | ||||
Description | see bug 671 0000010 PP => /policy/ page and drop the 0000010 page, fix up links addtl. id=39 link http://www.cacert.org/index.php?id=10 showfooter() in /includes/general_stuff.php also to change link "Association Membership" from http://wiki.cacert.org/wiki/CAcertIncorporated to http://wiki.cacert.org/CAcertIncorporated replace /pages/index/10.php with "depricated" logged-in this link on showfooter() switches to https://secure.cacert.org/account.php?id=39 showfooter() in /includes/account_stuff.php also to change link "Association Membership" from http://wiki.cacert.org/wiki/CAcertIncorporated to http://wiki.cacert.org/CAcertIncorporated replace /pages/account/39.php with "depricated" | ||||
Additional Information | files to modify 1. /includes/account_stuff.php 2. /includes/general_stuff.php 3. /pages/account/39.php 4. /pages/index/10.php 5. add /www/policy/PrivacyPolicy.php | ||||
Tags | No tags attached. | ||||
Attached Files | |||||
Reviewed by | Ted, NEOatNHNG | ||||
Test Instructions | |||||
|
still open correction(s): /www/policy/CAcertCommunityAgreement.php /www//policy/CertificationPracticeStatement.php 1. /includes/account_stuff.php from cacert-devel (2011-04-16) 2. /includes/general_stuff.php from cacert-devel (2011-04-16) 1. + 2. includes bug# 918 fixes (weak key functions) |
|
patched files attached to notification send to Software-Assessors |
|
patched files /www/policy/CAcertCommunityAgreement.php /www//policy/CertificationPracticeStatement.php also fixed and send to SA's |
|
Fix for the privacy policy committed and transferred to the test server (branch bug-921, commit ID d17953a5f2f1d2d4a4df1993e3fc749e4c606f6a) needs testing and review |
|
Added second part: Fix some more links (also branch bug-921, commit ID 313bbc31ddcad1ce554c347eb89f3ed8fa5ee860) |
|
notification to testers sent |
|
on both pages http://cacert1.it-sls.de/index.php?id=10 and https://secure1.it-sls.de/account.php?id=39 the policy link is pointing to server/policy/PrivacyPolicy.html |
|
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! http://www.CAcert.org/index.php?id=10 cannot be completely removed !!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! as the link http://www.CAcert.org/index.php?id=10 is hardcoded into the root and class3 certs X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.18506 CPS: http://www.CAcert.org/index.php?id=10 Netscape CA Policy Url: http://www.CAcert.org/index.php?id=10 at least a redirect has to be still left in /pages/index/10.php |
|
with password login http://cacert1.it-sls.de/index.php?id=10 displays: "This page has been moved to the policy directory. Please update your bookmarks and report any broken links." with link http://cacert1.it-sls.de/policy/PrivacyPolicy.html -> ok main page bottom Privacy Policy link http://cacert1.it-sls.de/policy/PrivacyPolicy.html -> ok with cert login https://secure1.it-sls.de/account.php?id=39 displays: "This page has been moved to the policy directory. Please update your bookmarks and report any broken links." with link https://secure1.it-sls.de/policy/PrivacyPolicy.html -> ok main page bottom Privacy Policy link https://secure1.it-sls.de/policy/PrivacyPolicy.html -> ok (this is the only one with extension html yet, all other file endings are php) Logout About CAcert - Policies Privacy Policy is listed as: PrivacyPolicy.html -> ok links to https://cacert1.it-sls.de/policy/PrivacyPolicy.html -> ok |
|
logged out, using deep link https://secure1.it-sls.de/account.php?id=39 redirects to https://cacert1.it-sls.de/policy/PrivacyPolicy.html -> ok |
|
Logged out Link at bottom goes to pp.html (PrivacyPilicy.html) =>ok Menu About Policys - https://cacert1.it-sls.de/policy/ Link to pp.html =>ok Logged In Certificate Link at bottom goes to pp.html =>ok https://secure1.it-sls.de/account.php?id=39 - Information - Link to pp.html =>ok Logged In Password Link at bottom goes to pp.html =>ok https://cacert1.it-sls.de/account.php?id=39 - Information - Link to pp.html =>ok |
|
Code review done. Reviewed commits a3d7949c04a06539a8a0982968f711b7832d8672 (branch release) versus 313bbc31ddcad1ce554c347eb89f3ed8fa5ee860 (branch bug-921) One small thing, why change the link http://wiki.cacert.org/wiki/CAcertIncorporated to http://wiki.cacert.org/CAcertIncorporated when both of them are redirected to http://wiki.cacert.org/Brain/CAcertInc? Summary: Changes are acceptable |
|
Did some testing during review, no problems noticed. |
|
is fully tested this patch should only cover consolidation of PP, to remove dupes and not a complete policies cleanup The big cleanup will follow in step 2, once all policies somewhere in the webdb are moved to /Policy/ directory this is done with this bugfix A potential move or rework of policy repository including renaming, collecting _all_ policies under the new repository or other location, fixing all links, to get rid of the id=10, id=39 links, to get rid of the svn, wiki and other links and so on will be done in step 2 and to be handled under https://bugs.cacert.org/view.php?id=941 once https://bugs.cacert.org/view.php?id=921 is pushed to production thhis to prevent doubled, double work in testing step 1 is only link fixup for PP |
|
NEO rolled back |
|
logged out: bottom link https://cacert1.it-sls.de/policy/PrivacyPolicy.html => ok logged-in: bottom link https://cacert1.it-sls.de/policy/PrivacyPolicy.html => ok cert-logged-in: bottom link https://secure1.it-sls.de/policy/PrivacyPolicy.html => ok deep links: 1. http://cacert1.it-sls.de/index.php?id=10 shows: moved to the policy directory. and link http://cacert1.it-sls.de/policy/PrivacyPolicy.html => ok 2. https://secure1.it-sls.de/account.php?id=39 shows: moved to the policy directory. and link https://secure1.it-sls.de/policy/PrivacyPolicy.html => ok |
|
Email sent to critical admins |
|
Fix applied to production system on July 27, 2011. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2011-07/msg00009.html |
Date Modified | Username | Field | Change |
---|---|---|---|
2011-04-17 02:09 | Uli60 | New Issue | |
2011-04-17 02:10 | Uli60 | Relationship added | related to 0000671 |
2011-04-17 02:12 | Uli60 | Description Updated | |
2011-04-17 02:12 | Uli60 | Additional Information Updated | |
2011-04-17 02:12 | Uli60 | Status | new => needs work |
2011-04-17 02:12 | Uli60 | Assigned To | => Uli60 |
2011-04-17 02:13 | Uli60 | File Added: account_stuff.php | |
2011-04-17 02:14 | Uli60 | File Added: general_stuff.php | |
2011-04-17 02:14 | Uli60 | File Added: 39.php | |
2011-04-17 02:15 | Uli60 | File Added: 10.php | |
2011-04-17 02:15 | Uli60 | File Added: PrivacyPolicy.php | |
2011-04-17 02:23 | Uli60 | Note Added: 0001932 | |
2011-04-17 02:26 | Uli60 | Note Edited: 0001932 | |
2011-04-17 02:35 | Uli60 | Note Added: 0001933 | |
2011-04-17 02:36 | Uli60 | Note Edited: 0001933 | |
2011-04-17 04:12 | Uli60 | File Deleted: PrivacyPolicy.php | |
2011-04-17 04:12 | Uli60 | File Added: PrivacyPolicy.php | |
2011-04-17 13:42 | Uli60 | File Deleted: PrivacyPolicy.php | |
2011-04-17 13:43 | Uli60 | File Added: PrivacyPolicy.php | |
2011-04-17 20:55 | Uli60 | File Added: CAcertCommunityAgreement.php | |
2011-04-17 20:55 | Uli60 | File Added: CertificationPracticeStatement.php | |
2011-04-17 20:56 | Uli60 | Note Added: 0001935 | |
2011-04-21 02:48 | NEOatNHNG | Note Added: 0001936 | |
2011-04-21 03:51 | NEOatNHNG | Note Added: 0001937 | |
2011-04-21 17:59 | Uli60 | Note Added: 0001941 | |
2011-04-26 20:35 | INOPIAE | Note Added: 0001944 | |
2011-05-21 23:32 | Uli60 | Relationship added | related to 0000941 |
2011-05-26 11:47 | Uli60 | Note Added: 0002009 | |
2011-05-26 11:48 | Uli60 | Note Edited: 0002009 | |
2011-06-15 15:06 | NEOatNHNG | Status | needs work => needs review & testing |
2011-06-19 16:53 | NEOatNHNG | Source_changeset_attached | => cacert-devel master 76169d41 |
2011-06-19 16:53 | NEOatNHNG | Source_changeset_attached | => cacert-devel master e1285946 |
2011-06-21 23:57 | NEOatNHNG | Source_changeset_attached | => cacert-devel master 76169d41 |
2011-06-21 23:57 | NEOatNHNG | Source_changeset_attached | => cacert-devel master e1285946 |
2011-06-21 23:57 | NEOatNHNG | Source_changeset_attached | => cacert-devel master 313bbc31 |
2011-06-21 23:57 | NEOatNHNG | Source_changeset_attached | => cacert-devel master d17953a5 |
2011-06-22 00:09 | NEOatNHNG | Source_changeset_attached | => cacert-devel master 76169d41 |
2011-06-22 00:09 | NEOatNHNG | Source_changeset_attached | => cacert-devel master e1285946 |
2011-06-22 00:09 | NEOatNHNG | Source_changeset_attached | => cacert-devel master 313bbc31 |
2011-06-22 00:09 | NEOatNHNG | Source_changeset_attached | => cacert-devel master d17953a5 |
2011-07-02 01:50 | NEOatNHNG | Reviewed by | => NEOatNHNG |
2011-07-05 00:15 | Uli60 | Note Added: 0002080 | |
2011-07-05 00:18 | Uli60 | Note Added: 0002081 | |
2011-07-21 06:02 | INOPIAE | Note Added: 0002170 | |
2011-07-21 21:06 | Ted | Note Added: 0002174 | |
2011-07-21 21:08 | Ted | Note Added: 0002175 | |
2011-07-22 01:23 | NEOatNHNG | Reviewed by | NEOatNHNG => Ted, NEOatNHNG |
2011-07-22 01:30 | NEOatNHNG | Status | needs review & testing => needs testing |
2011-07-22 01:39 | Uli60 | Note Added: 0002176 | |
2011-07-22 01:39 | Uli60 | Status | needs testing => ready to deploy |
2011-07-22 02:11 | Uli60 | Note Edited: 0002176 | |
2011-07-22 02:25 | Uli60 | Note Edited: 0002176 | |
2011-07-22 02:26 | Uli60 | Note Edited: 0002176 | |
2011-07-22 02:38 | Uli60 | Note Edited: 0002176 | |
2011-07-22 02:39 | Uli60 | Note Edited: 0002176 | |
2011-07-26 23:46 | Uli60 | Note Added: 0002210 | |
2011-07-26 23:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel master 38c89c37 |
2011-07-26 23:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel master 4676aaf4 |
2011-07-26 23:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel master ca081187 |
2011-07-26 23:54 | Uli60 | Note Added: 0002211 | |
2011-07-26 23:56 | Uli60 | Note Edited: 0002211 | |
2011-07-26 23:56 | NEOatNHNG | Note Added: 0002212 | |
2011-07-27 10:45 | wytze | Note Added: 0002214 | |
2011-07-27 10:45 | wytze | Status | ready to deploy => closed |
2011-07-27 10:45 | wytze | Resolution | open => fixed |
2011-07-28 21:55 | NEOatNHNG | Source_changeset_attached | => cacert-devel release 0be067ea |
2013-01-15 15:31 | Werner Dworak | Fixed in Version | => 2011 Q3 |