Bug report mechanism: URL too long

[bastiK]

I get

414 Request-URI Too Large

The requested URL's length exceeds the capacity limit for this server.
Apache/2.2.12 (Ubuntu) Server at localhost Port 80

when clicking on the report button.

What's wrong with using POST method instead of this crude hack?

[stoecker]

You can't pass a POST request to a browser to take it over. The question is why the URL is too long. It should be shortened to the maximum value already.

[bastiK]

Ah, ok. Then a clean solution is probably not worth the effort.

Here's the URL:

http://josm.openstreetmap.de/josmticket?data=a2V5d29yZHM9dGVtcGxhdGVfcmVwb3J0JmRlc2NyaXB0aW9uPVdoYXQrc3RlcHMrd2lsbCtyZXByb2R1Y2UrdGhlK3Byb2JsZW0lM0YlMEErMS4rJTBBKzIuKyUwQSszLislMEElMEFXaGF0K2lzK3RoZStleHBlY3RlZCtyZXN1bHQlM0YlMEElMEFXaGF0K2hhcHBlbnMraW5zdGVhZCUzRiUwQSUwQVBsZWFzZStwcm92aWRlK2FueSthZGRpdGlvbmFsK2luZm9ybWF0aW9uK2JlbG93LitBdHRhY2grYStzY3JlZW5zaG90K2lmJTBBcG9zc2libGUuJTBBJTBBJTdCJTdCJTdCJTBBQnVpbGQtRGF0ZSUzQSsyMDEwLTA1LTA1KzIwJTNBMDklM0E1NCUwQVJldmlzaW9uJTNBKzMyMTYlMEFJcy1Mb2NhbC1CdWlsZCUzQSt0cnVlJTBBJTBBTWVtb3J5K1VzYWdlJTNBKzI5NytNQislMkYrMjk3K01CKyUyODQyK01CK2FsbG9jYXRlZCUyQytidXQrZnJlZSUyOSUwQUphdmErdmVyc2lvbiUzQSsxLjYuMF8xNSUyQytTdW4rTWljcm9zeXN0ZW1zK0luYy4lMkMrSmF2YStIb3RTcG90JTI4VE0lMjkrQ2xpZW50K1ZNJTBBT3BlcmF0aW5nK3N5c3RlbSUzQStMaW51eCUwQSUwQURhdGFzZXQrY29uc2lzdGVuY3krdGVzdCUzQSUwQU5vK3Byb2JsZW1zK2ZvdW5kJTBBJTBBJTBBUGx1Z2lucyUzQStBZGRySW50ZXJwb2xhdGlvbiUyQ2J1aWxkaW5nc190b29scyUyQ211bHRpcG9seSUyQ29wZW5zdHJlZXRidWdzJTJDcmVtb3RlY29udHJvbCUyQ3RhZ2VkaXRvciUyQ3RlcnJhY2VyJTJDdHVybnJlc3RyaWN0aW9ucyUyQ3ZhbGlkYXRvciUyQ3dheXNlbGVjdG9yJTJDd21zLXR1cmJvLWNoYWxsZW5nZTIlMkN3bXNwbHVnaW4lMEFQbHVnaW4rb3BlbnN0cmVldGJ1Z3MrJTI4VmVyc2lvbiUzQSsyMDY5NiUyOSUwQVBsdWdpbit3bXNwbHVnaW4rJTI4VmVyc2lvbiUzQSsyMDg5MSUyOSUwQVBsdWdpbit3YXlzZWxlY3RvcislMjhWZXJzaW9uJTNBKzIwNDgyJTI5JTBBUGx1Z2luK3RhZ2VkaXRvcislMjhWZXJzaW9uJTNBKzIxMDI2JTI5JTBBUGx1Z2luK3JlbW90ZWNvbnRyb2wrJTI4VmVyc2lvbiUzQSsxOTk0NiUyOSUwQVBsdWdpbitidWlsZGluZ3NfdG9vbHMrJTI4VmVyc2lvbiUzQSsyMDI2OSUyOSUwQVBsdWdpbit2YWxpZGF0b3IrJTI4VmVyc2lvbiUzQSsyMDc5OSUyOSUwQVBsdWdpbitBZGRySW50ZXJwb2xhdGlvbislMjhWZXJzaW9uJTNBKzE5NDIyJTI5JTBBUGx1Z2luK3RlcnJhY2VyKyUyOFZlcnNpb24lM0ErMjEwOTQlMjklMEFQbHVnaW4rdHVybnJlc3RyaWN0aW9ucyslMjhWZXJzaW9uJTNBKzIxMDEwJTI5JTBBUGx1Z2luK211bHRpcG9seSslMjhWZXJzaW9uJTNBKzE5NDU2JTI5JTBBJTBBamF2YS5sYW5nLk51bGxQb2ludGVyRXhjZXB0aW9uJTBBJTA5YXQrdGVycmFjZXIuVGVycmFjZXJBY3Rpb24udGVycmFjZUJ1aWxkaW5nJTI4VGVycmFjZXJBY3Rpb24uamF2YSUzQTI0MiUyOSUwQSUwOWF0K3RlcnJhY2VyLkhvdXNlTnVtYmVySW5wdXRIYW5kbGVyLmFjdGlvblBlcmZvcm1lZCUyOEhvdXNlTnVtYmVySW5wdXRIYW5kbGVyLmphdmElM0EyNzglMjklMEElMDlhdCt0ZXJyYWNlci5Ib3VzZU51bWJlcklucHV0RGlhbG9nLmJ1dHRvbkFjdGlvbiUyOEhvdXNlTnVtYmVySW5wdXREaWFsb2cuamF2YSUzQTE5NSUyOSUwQSUwOWF0K29yZy5vcGVuc3RyZWV0bWFwLmpvc20uZ3VpLkV4dGVuZGVkRGlhbG9nJTI0MS5hY3Rpb25QZXJmb3JtZWQlMjhFeHRlbmRlZERpYWxvZy5qYXZhJTNBMjExJTI5JTBBJTA5YXQramF2YXguc3dpbmcuQWJzdHJhY3RCdXR0b24uZmlyZUFjdGlvblBlcmZvcm1lZCUyOEFic3RyYWN0QnV0dG9uLmphdmElM0ExOTk1JTI5JTBBJTA5YXQramF2YXguc3dpbmcuQWJzdHJhY3RCdXR0b24lMjRIYW5kbGVyLmFjdGlvblBlcmZvcm1lZCUyOEFic3RyYWN0QnV0dG9uLmphdmElM0EyMzE4JTI5JTBBJTA5YXQramF2YXguc3dpbmcuRGVmYXVsdEJ1dHRvbk1vZGVsLmZpcmVBY3Rpb25QZXJmb3JtZWQlMjhEZWZhdWx0QnV0dG9uTW9kZWwuamF2YSUzQTM4NyUyOSUwQSUwOWF0K2phdmF4LnN3aW5nLkRlZmF1bHRCdXR0b25Nb2RlbC5zZXRQcmVzc2VkJTI4RGVmYXVsdEJ1dHRvbk1vZGVsLmphdmElM0EyNDIlMjklMEElMDlhdCtqYXZheC5zd2luZy5wbGFmLmJhc2ljLkJhc2ljQnV0dG9uTGlzdGVuZXIubW91c2VSZWxlYXNlZCUyOEJhc2ljQnV0dG9uTGlzdGVuZXIuamF2YSUzQTIzNiUyOSUwQSUwOWF0K2phdmEuYXd0LkNvbXBvbmVudC5wcm9jZXNzTW91c2VFdmVudCUyOENvbXBvbmVudC5qYXZhJTNBNjI2MyUyOSUwQSUwOWF0K2phdmF4LnN3aW5nLkpDb21wb25lbnQucHJvY2Vzc01vdXNlRXZlbnQlMjhKQ29tcG9uZW50LmphdmElM0EzMjY3JTI5JTBBJTA5YXQramF2YS5hd3QuQ29tcG9uZW50LnByb2Nlc3NFdmVudCUyOENvbXBvbmVudC5qYXZhJTNBNjAyOCUyOSUwQSUwOWF0K2phdmEuYXd0LkNvbnRhaW5lci5wcm9jZXNzRXZlbnQlMjhDb250YWluZXIuamF2YSUzQTIwNDElMjklMEElMDlhdCtqYXZhLmF3dC5Db21wb25lbnQuZGlzcGF0Y2hFdmVudEltcGwlMjhDb21wb25lbnQuamF2YSUzQTQ2MzAlMjklMEElMDlhdCtqYXZhLmF3dC5Db250YWluZXIuZGlzcGF0Y2hFdmVudEltcGwlMjhDb250YWluZXIuamF2YSUzQTIwOTklMjklMEElMDlhdCtqYXZhLmF3dC5Db21wb25lbnQuZGlzcGF0Y2hFdmVudCUyOENvbXBvbmVudC5qYXZhJTNBNDQ2MCUyOSUwQSUwOWF0K2phdmEuYXd0LkxpZ2h0d2VpZ2h0RGlzcGF0Y2hlci5yZXRhcmdldE1vdXNlRXZlbnQlMjhDb250YWluZXIuamF2YSUzQTQ1NzQlMjklMEElMDlhdCtqYXZhLmF3dC5MaWdodHdlaWdodERpc3BhdGNoZXIucHJvY2Vzc01vdXNlRXZlbnQlMjhDb250YWluZXIuamF2YSUzQTQyMzglMjklMEElMDlhdCtqYXZhLmF3dC5MaWdodHdlaWdodERpc3BhdGNoZXIuZGlzcGF0Y2hFdmVudCUyOENvbnRhaW5lci5qYXZhJTNBNDE2OCUyOSUwQSUwOWF0K2phdmEuYXd0LkNvbnRhaW5lci5kaXNwYXRjaEV2ZW50SW1wbCUyOENvbnRhaW5lci5qYXZhJTNBMjA4NSUyOSUwQSUwOWF0K2phdmEuYXd0LldpbmRvdy5kaXNwYXRjaEV2ZW50SW1wbCUyOFdpbmRvdy5qYXZhJTNBMjQ3NSUyOSUwQSUwOWF0K2phdmEuYXd0LkNvbXBvbmVudC5kaXNwYXRjaEV2ZW50JTI4Q29tcG9uZW50LmphdmElM0E0NDYwJTI5JTBBJTA5YXQramF2YS5hd3QuRXZlbnRRdWV1ZS5kaXNwYXRjaEV2ZW50JTI4RXZlbnRRdWV1ZS5qYXZhJTNBNTk5JTI5JTBBJTA5YXQramF2YS5hd3QuRXZlbnREaXNwYXRjaFRocmVhZC5wdW1wT25lRXZlbnRGb3JGaWx0ZXJzJTI4RXZlbnREaXNwYXRjaFRocmVhZC5qYXZhJTNBMjY5JTI5JTBBJTA5YXQramF2YS5hd3QuRXZlbnREaXNwYXRjaFRocmVhZC5wdW1wRXZlbnRzRm9yRmlsdGVyJTI4RXZlbnREaXNwYXRjaFRocmVhZC5qYXZhJTNBMTg0JTI5JTBBJTA5YXQramF2YS5hd3QuRXZlbnREaXNwYXRjaFRocmVhZC5wdW1wRXZlbnRzRm9yRmlsdGVyJTI4RXZlbnREaXNwYXRjaFRocmVhZC5qYXZhJTNBMTc4JTI5JTBBJTA5YXQramF2YS5hd3QuRGlhbG9nJTI0MS5ydW4lMjhEaWFsb2cuamF2YSUzQTEwNDUlMjklMEElMDlhdCtqYXZhLmF3dC5EaWFsb2clMjQzLnJ1biUyOERpYWxvZy5qYXZhJTNBMTA5NyUyOSUwQSUwOWF0K2phdmEuc2VjdXJpdHkuQWNjZXNzQ29udHJvbGxlci5kb1ByaXZpbGVnZWQlMjhOYXRpdmUrTWV0aG9kJTI5JTBBJTA5YXQramF2YS5hd3QuRGlhbG9nLnNob3clMjhEaWFsb2cuamF2YSUzQTEwOTUlMjklMEElMDlhdCtqYXZhLmF3dC5Db21wb25lbnQuc2hvdyUyOENvbXBvbmVudC5qYXZhJTNBMTU2MyUyOSUwQSUwOWF0K2phdmEuYXd0LkNvbXBvbmVudC5zZXRWaXNpYmxlJTI4Q29tcG9uZW50LmphdmElM0ExNTE1JTI5JTBBJTA5YXQramF2YS5hd3QuV2luZG93LnNldFZpc2libGUlMjhXaW5kb3cuamF2YSUzQTg0MSUyOSUwQSUwOWF0K2phdmEuYXd0LkRpYWxvZy5zZXRWaXNpYmxlJTI4RGlhbG9nLmphdmElM0E5ODUlMjklMEElMDlhdCtvcmcub3BlbnN0cmVldG1hcC5qb3NtLmd1aS5FeHRlbmRlZERpYWxvZy5zZXRWaXNpYmxlJTI4RXh0ZW5kZWREaWFsb2cuamF2YSUzQTM0NyUyOSUwQSUwOWF0K3RlcnJhY2VyLkhvdXNlTnVtYmVySW5wdXREaWFsb2cuJTNDaW5pdCUzRSUyOEhvdXNlTnVtYmVySW5wdXREaWFsb2cuamF2YSUzQTEwNSUyOSUwQSUwOWF0K3RlcnJhY2VyLkhvdXNlTnVtYmVySW5wdXRIYW5kbGVyLiUzQ2luaXQlM0UlMjhIb3VzZU51bWJlcklucHV0SGFuZGxlci5qYXZhJTNBNjUlMjklMEElMDlhdCt0ZXJyYWNlci5UZXJyYWNlckFjdGlvbi5hY3Rpb25QZXJmb3JtZWQlMjhUZXJyYWNlckFjdGlvbi5qYXZhJTNBMTUxJTI5JTBBJTA5YXQramF2YXguc3dpbmcuQWJzdHJhY3RCdXR0b24uZmlyZUFjdGlvblBlcmZvcm1lZCUyOEFic3RyYWN0QnV0dG9uLmphdmElM0ExOTk1JTI5JTBBJTA5YXQramF2YXguc3dpbmcuQWJzdHJhY3RCdXR0b24lMjRIYW5kbGVyLmFjdGlvblBlcmZvcm1lZCUyOEFic3RyYWN0QnV0dG9uLmphdmElM0EyMzE4JTI5JTBBJTA5YXQramF2YXguc3dpbmcuRGVmYXVsdEJ1dHRvbk1vZGVsLmZpcmVBY3Rpb25QZXJmb3JtZWQlMjhEZWZhdWx0QnV0dG9uTW9kZWwuamF2YSUzQTM4NyUyOSUwQSUwOWF0K2phdmF4LnN3aW5nLkRlZmF1bHRCdXR0b25Nb2RlbC5zZXRQcmVzc2VkJTI4RGVmYXVsdEJ1dHRvbk1vZGVsLmphdmElM0EyNDIlMjklMEElMDlhdCtqYXZheC5zd2luZy5BYnN0cmFjdEJ1dHRvbi5kb0NsaWNrJTI4QWJzdHJhY3RCdXR0b24uamF2YSUzQTM1NyUyOSUwQSUwOWF0K2phdmF4LnN3aW5nLnBsYWYuYmFzaWMuQmFzaWNNZW51SXRlbVVJLmRvQ2xpY2slMjhCYXNpY01lbnVJdGVtVUkuamF2YSUzQTEyMjUlMjklMEElMDlhdCtqYXZheC5zd2luZy5wbGFmLmJhc2ljLkJhc2ljTWVudUl0ZW1VSSUyNEhhbmRsZXIubW91c2VSZWxlYXNlZCUyOEJhc2ljTWVudUl0ZW1VSS5qYXZhJTNBMTI2NiUyOSUwQSUwOWF0K2phdmEuYXd0LkFXVEV2ZW50TXVsdGljYXN0ZXIubW91c2VSZWxlYXNlZCUyOEFXVEV2ZW50TXVsdGljYXN0ZXIuamF2YSUzQTI3MiUyOSUwQSUwOWF0K2phdmEuYXd0LkNvbXBvbmVudC5wcm9jZXNzTW91c2VFdmVudCUyOENvbXBvbmVudC5qYXZhJTNBNjI2MyUyOSUwQSUwOWF0K2phdmF4LnN3aW5nLkpDb21wb25lbnQucHJvY2Vzc01vdXNlRXZlbnQlMjhKQ29tcG9uZW50LmphdmElM0EzMjY3JTI5JTBBJTA5YXQramF2YS5hd3QuQ29tcG9uZW50LnByb2Nlc3NFdmVudCUyOENvbXBvbmVudC5qYXZhJTNBNjAyOCUyOSUwQSUwOWF0K2phdmEuYXd0LkNvbnRhaW5lci5wcm9jZXNzRXZlbnQlMjhDb250YWluZXIuamF2YSUzQTIwNDElMjklMEElMDlhdCtqYXZhLmF3dC5Db21wb25lbnQuZGlzcGF0Y2hFdmVudEltcGwlMjhDb21wb25lbnQuamF2YSUzQTQ2MzAlMjklMEElMDlhdCtqYXZhLmF3dC5Db250YWluZXIuZGlzcGF0Y2hFdmVudEltcGwlMjhDb250YWluZXIuamF2YSUzQTIwOTklMjklMEElMDlhdCtqYXZhLmF3dC5Db21wb25lbnQuZGlzcGF0Y2hFdmVudCUyOENvbXBvbmVudC5qYXZhJTNBNDQ2MCUyOSUwQSUwOWF0K2phdmEuYXd0LkxpZ2h0d2VpZ2h0RGlzcGF0Y2hlci5yZXRhcmdldE1vdXNlRXZlbnQlMjhDb250YWluZXIuamF2YSUzQTQ1NzQlMjklMEElMDlhdCtqYXZhLmF3dC5MaWdodHdlaWdodERpc3BhdGNoZXIucHJvY2Vzc01vdXNlRXZlbnQlMjhDb250YWluZXIuamF2YSUzQTQyMzglMjklMEElMDlhdCtqYXZhLmF3dC5MaWdodHdlaWdodERpc3BhdGNoZXIuZGlzcGF0Y2hFdmVudCUyOENvbnRhaW5lci5qYXZhJTNBNDE2OCUyOSUwQSUwOWF0K2phdmEuYXd0LkNvbnRhaW5lci5kaXNwYXRjaEV2ZW50SW1wbCUyOENvbnRhaW5lci5qYXZhJTNBMjA4NSUyOSUwQSUwOWF0K2phdmEuYXd0LldpbmRvdy5kaXNwYXRjaEV2ZW50SW1wbCUyOFdpbmRvdy5qYXZhJTNBMjQ3NSUyOSUwQSUwOWF0K2phdmEuYXd0LkNvbXBvbmVudC5kaXNwYXRjaEV2ZW50JTI4Q29tcG9uZW50LmphdmElM0E0NDYwJTI5JTBBJTA5YXQramF2YS5hd3QuRXZlbnRRdWV1ZS5kaXNwYXRjaEV2ZW50JTI4RXZlbnRRdWV1ZS5qYXZhJTNBNTk5JTI5JTBBJTA5YXQramF2YS5hd3QuRXZlbnREaXNwYXRjaFRocmVhZC5wdW1wT25lRXZlbnRGb3JGaWx0ZXJzJTI4RXZlbnREaXNwYXRjaFRocmVhZC5qYXZhJTNBMjY5JTI5JTBBJTA5YXQramF2YS5hd3QuRXZlbnREaXNwYXRjaFRocmVhZC5wdW1wRXZlbnRzRm9yRmlsdGVyJTI4RXZlbnREaXNwYXRjaFRocmVhZC5qYXZhJTNBMTg0JTI5JTBBJTA5YXQramF2YS5hd3QuRXZlbnREaXNwYXRjaFRocmVhZC5wdW1wRXZlbnRzRm9ySGllcmFyY2h5JTI4RXZlbnREaXNwYXRjaFRocmVhZC5qYXZhJTNBMTc0JTI5JTBBJTA5YXQramF2YS5hd3QuRXZlbnREaXNwYXRjaFRocmVhZC5wdW1wRXZlbnRzJTI4RXZlbnREaXNwYXRjaFRocmVhZC5qYXZhJTNBMTY5JTI5JTBBJTA5YXQramF2YS5hd3QuRXZlbnREaXNwYXRjaFRocmVhZC5wdW1wRXZlbnRzJTI4RXZlbnREaXNwYXRjaFRocmVhZC5qYXZhJTNBMTYxJTI5JTBBJTA5YXQramF2YS5hd3QuRXZlbnREaXNwYXRjaFRocmVhZC5ydW4lMjhFdmVudERpc3BhdGNoVGhyZWFkLmphdmElM0ExMjIlMjklMEElMEElN0QlN0QlN0QlMEE=

[stoecker]

Hmm, maybe we can create a local html file, which does the post request? And call this file. It can be deleted on next josm start.

[skyper]

Please, also take in account the option to use https instead of http

Thanks skyper

[bastiK]

Replying to stoecker:

Hmm, maybe we can create a local html file, which does the post request? And call this file. It can be deleted on next josm start.

Sounds good to me. Then do some javascript magic to send the form data automatically?

[stoecker]

Only one button with "Click me to submit request to server" (a note below that there again submit must be pressed and probably the submitted text above) and auto-click that one when javascript is activate. Why not.

[jttt]

What about xmlrpc plugin for track: ​http://trac-hacks.org/wiki/XmlRpcPlugin?

It has methods for creating new ticket, adding attachement, etc.

[bastiK]

Replying to jttt:

What about xmlrpc plugin for track: ​http://trac-hacks.org/wiki/XmlRpcPlugin?

It has methods for creating new ticket, adding attachement, etc.

This would mean, we need to collect all the information in JOSM before sending it to trac? Seems like a lot of work to me: Authentication, Priority, Component (and keep the list up to date), Attachments,...

[stoecker]

Why don't we display the bugtracker newticket page in JOSM and prefill it? We can use POST request then without problems.

[bastiK]

Replying to stoecker:

Why don't we display the bugtracker newticket page in JOSM and prefill it? We can use POST request then without problems.

Disadvantage: Cannot use my browser's automatic login (password manager). After click on login the prefilled text is still there?

Advantage: The window shows reliably on screen and not in some browser tab where it could be unnoticed.

I don't know what is better...

[bastiK]

Replying to stoecker:

Hmm, maybe we can create a local html file, which does the post request? And call this file. It can be deleted on next josm start.

I tried this method, but there is a problem:

• open attached file
• click on redirect (java script is commented out)
• click preview -> trac error:

Error: Bad Request

Missing or invalid form token. Do you have cookies enabled?

This is when you have cookies cleared and no active login. It comes for firefix and chrome.

[stoecker]

Trac adds a hidden form field to every form which contains the trac identifier of current session (<input type="hidden" name="FORM_TOKEN" value="0"/>). It must be present. It seems 0 is an acceptable value to prevent above error.

[stoecker]

Ooops - The Wike ate some characters.

<input type="hidden" name="__FORM_TOKEN" value="0" />

[bastiK]

I don't see a difference when adding this.

[stoecker]

This file correctly works for me even in logged out state

[stoecker]

Hmm, even the original file works for me. Can you attach a wireshark log of the communication failing for you?

[bastiK]

Replying to stoecker:

Hmm, even the original file works for me. Can you attach a wireshark log of the communication failing for you?

--> sent email

[stoecker]

Ok, the issue happens when no cookies are saved yet. It seems josmticket redirector somehow kills the trac-form-token cookie and only passes the session cookie.

[stoecker]

Should be fixed now.

[bastiK]

Yes, works.

What is the maximum length for post request? When I send too long, it returns

Page access failed, please retry.

Is it a server limitation that is the same for all users?

[stoecker]

The josmticket script sends a get request to Trac. It needs to be expanded to use POST as well, which is not so easy due to the trac form access token.

[grossing]

Replying to bastiK:

I get

414 Request-URI Too Large

The requested URL's length exceeds the capacity limit for this server.
Apache/2.2.12 (Ubuntu) Server at localhost Port 80

when clicking on the report button.

I also get this error with josm-latest (Revision: 3517)