Modify

Opened 5 years ago

Closed 5 years ago

#18537 closed enhancement (wontfix)

Display HTML error messages from the OSM API

Reported by: Don-vip Owned by: team
Priority: minor Milestone:
Component: Core Version:
Keywords: html error Cc:

Description

We should display proper HTML instead of this:

https://twitter.com/Kumar17640520/status/1214856992642125824


Attachments (1)

ENwJ_d7VUAAhLpV.jpg (39.1 KB ) - added by Don-vip 5 years ago.

Download all attachments as: .zip

Change History (6)

by Don-vip, 5 years ago

Attachment: ENwJ_d7VUAAhLpV.jpg added

comment:1 by Don-vip, 5 years ago

Priority: normalminor
Type: defectenhancement

comment:2 by stoecker, 5 years ago

Not so easy. An 50x error should never happen so we can't really assume a certain layout. And directly displaying HTML from the server in the dialog is dangerous. I'm not sure if we really should handle that case.

in reply to:  2 comment:3 by Don-vip, 5 years ago

Replying to stoecker:

directly displaying HTML from the server in the dialog is dangerous.

why?

comment:4 by stoecker, 5 years ago

  • It may be large (serveral pages)
  • It may contain elements going AMOK in the limited HTML handler of Java
  • We don't know the source of HTML (as it is not a normal behaviour), so it can be intentional be dangerous
  • Users don't expect dialogs to be controlled by remote server, so contrary to a webbrowser they will not be wary

I.e. That's one of the typical situations opening massive security holes.

comment:5 by Don-vip, 5 years ago

Resolution: wontfix
Status: newclosed

ok

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain team.
as The resolution will be set.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment
E-mail address and name can be saved in the Preferences .
AttachmentsDescription
 
Note: See TracTickets for help on using tickets.