Skip to content
This repository has been archived by the owner on Apr 12, 2024. It is now read-only.

General update #43

Merged
merged 6 commits into from
Aug 17, 2020
Merged

General update #43

merged 6 commits into from
Aug 17, 2020

Conversation

SolidifiedRay
Copy link
Contributor

Make some changes due to the latest frontend and Python 3.

See commit messages for the details.

@lukpueh
Copy link
Member

lukpueh commented Jul 7, 2020

Will this still work on Python 2? If not, we should mention it maybe in the commit message and also change the requirements section in the README.md.

@lukpueh
Copy link
Member

lukpueh commented Jul 7, 2020

@SolidifiedRay, would you mind taking a look at #39, #40, #41, #42 and see if updating those breaks anything?

@SolidifiedRay
Copy link
Contributor Author

Will this still work on Python 2? If not, we should mention it maybe in the commit message and also change the requirements section in the README.md.

This still work on Python 2. I will take a look at other updates soon.

@SolidifiedRay
Copy link
Contributor Author

@SolidifiedRay, would you mind taking a look at #39, #40, #41, #42 and see if updating those breaks anything?

They look good to me. I ran them locally and did some quick tests. No errors show up. @lukpueh

@lukpueh
Copy link
Member

lukpueh commented Jul 8, 2020

They look good to me. I ran them locally and did some quick tests. No errors show up. @lukpueh

Thanks for checking. Let's merge them in then.

wizard.py Outdated Show resolved Hide resolved
Request.is_xhr has been deprecated as it is not reliable, according to issue #1077 in Werkzeug(WSGI) repo

Signed-off-by: SolidifiedRay <[email protected]>
@SolidifiedRay
Copy link
Contributor Author

I go back to have another look at Request.is_xhr and find Werkzeug(WSGI) repo also has an issue for this.
According to issue #1077 in werkzeug repo, werkzeug removed Request.is_xhr as it is not reliable. Since Flask depends on the Werkzeug toolkit, Request.is_xhr is also no longer supported in Flask.
Here is a quote from issue # 1077:

The Request.is_xhr was introduced 9 years ago. It detects from a header called X-Requested-With which is added by JavaScript libraries.

The world is different now. jQuery is losing its popularity; and fetch is shining. Many would choose to use fetch instead of XMLHttpRequest nowadays. Popular ajax libraries such as axios has no built-in X-Requested-With header.

X-Requested-With is not a part of any spec, it is not reliable. It is the time to deprecate it.

Maybe we should also remove the check for XMLHttpRequest? What do you think? @lukpueh

Signed-off-by: SolidifiedRay <[email protected]>
Flask on python3 won't work with StringIO as send_file only expects to be given binary file-like objects and it wouldn't know how to encode the string to bytes, according to issue #3358 in Flask repo

Signed-off-by: SolidifiedRay <[email protected]>
@SolidifiedRay SolidifiedRay force-pushed the update branch 2 times, most recently from e7a52e0 to 07e5a97 Compare July 9, 2020 22:14
Copy link
Member

@adityasaky adityasaky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @SolidifiedRay!

requirements.txt Outdated Show resolved Hide resolved
install in-toto directly instead of installing in an editable way and a dev version

Signed-off-by: SolidifiedRay <[email protected]>
Copy link
Member

@adityasaky adityasaky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @SolidifiedRay!

@@ -362,7 +362,7 @@ def ajax_flash_messages(response):
show_messages(repsonse.messages).
"""

if (request.is_xhr and
if (request.headers.get("X-Requested-With") == "XMLHttpRequest" and
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IIUC you are re-implementing the check that the deprecated request.is_xhr used to perform, right?

Did you have a chance to check if the jquery ajax call we use still sets that header, so that our ajax_flash_messages hook still works?

Copy link
Contributor Author

@SolidifiedRay SolidifiedRay Aug 9, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a ton for the review @lukpueh !!

I checked the ajax_flash_messages hook and unfortunately something is not right.
For example, when I upload the functionary's public key in the functionaries page, the flash messages show up only after I manually refresh the page. When I try to remove the functionary that already has a pubkey, I also have to refresh the page to see the change and the flash message. I am not sure if there is something wrong with the ajax call or the ajax_flash_messages hook, but I will try to find up why this happened.

Copy link
Contributor Author

@SolidifiedRay SolidifiedRay Aug 11, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As a follow-up, I will work on rule generation first, which seems to have a higher priority than this problem.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I found ajax_flash_messages working again.

I check the jquery ajax call with the browser's network console, and it does include the X-Requested-With header with the value XMLHttpRequest. So I believe there is no problem with the code here. I doubt that it failed previously is because my Virtual Machine didn't run the WSGI server correctly.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll merge then. Thanks for the updates!

@lukpueh lukpueh merged commit cefba93 into in-toto:develop Aug 17, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants