Bug #2984
Image upload from sunstone is broken
| Status: | Closed | Start date: | 06/13/2014 | |
|---|---|---|---|---|
| Priority: | High | Due date: | ||
| Assignee: |  Jaime Melis | % Done: | 0% | |
| Category: | Sunstone | |||
| Target version: | Release 4.8 | |||
| Resolution: | fixed | Pull request: | ||
| Affected Versions: | OpenNebula 4.6 |
Description
Hi,
I've just upgraded from 4.6.1 to 4.6.2 and image upload is broken, probably a side effect of fix #2979 csrf vulnerability in sunstone.
I've downgraded the opennebula-sunstone debian 7 package to 4.6.1 and I managed to upload my iso image successfully.
Symptoms are:
- Upload is starting normally and lighthttd is receiving the file
- User get an "image upload successful" message from sunstone
- Nothing other happens, it looks no action is taken from core. Nothing in oned.log (debug_level=3) about the whole operation. Nothing left in lighthttpd cache.
Thanks for your help,
Laurent
Associated revisions
Bug #2984: Add a csrftoken to the upload ajax call
Bug #2984: Add a csrftoken to the upload ajax call
(cherry picked from commit 09524280270cd160410bc035dac6eab6c932e884)
(cherry picked from commit 87f1459eaf386e67522be2e1d50fe85ed4874110)
Bug #2984: Apply fix for file uploads
Bug #2984: Apply fix for file uploads
(cherry picked from commit ee338c3ceaa46aa09609b2d9f59b3ab948532437)
History
#1
Updated by Ruben S. Montero about 7 years ago
- Status changed from Pending to New
- Assignee set to Jaime Melis
Thanks for the heads up, we'll provide a patch
#2
Updated by Ruben S. Montero about 7 years ago
- Target version set to Release 4.8
#3
Updated by Jaime Melis about 7 years ago
- Status changed from New to Closed
- Resolution set to fixed
Fixed and added to the known issues list: http://docs.opennebula.org/4.6/release_notes/release_notes/known_issues.html