Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Arbitrary fails in Backlisting test.
Comment | File | Size | Author |
---|---|---|---|
#8 | mollom-DRUPAL-6--1.blacklist.8.patch | 10.96 KB | sun |
#5 | mollom-HEAD.blacklist-test.5.patch | 11.58 KB | sun |
#3 | mollom-HEAD.blacklist-test.3.patch | 11.12 KB | sun |
#1 | mollom-HEAD.blacklist-test.1.patch | 10.49 KB | sun |
Comments
Comment #1
sunHoly cow. That base64_encode() munging really killed my nerves. Quite inconsistent...
- When adding a URL, only the domain name is added, i.e. "spam.com".
- When deleting a URL, it is a fully-qualified domain name as URI, i.e. "http://spam.com/". Note the trailing slash, and also note that all URLs are stored lower-case.
This patch makes the Blacklisting test basically work, but...
I somehow get the impression that text blacklist API does not properly work.
It seems like the tests passed previously, since the testing text contained the word "spam", but "spam" is already a hard-coded keyword.
Comment #2
sunerrr, please scratch what I said above. It was "unicorn", not "spam".
So I really wonder what the problem is.
Powered by Dreditor.
Comment #3
sunHey, who said that blacklisted text needs to be lower-case and don't contain numbers? :P
Comment #4
Dries CreditAttribution: Dries commentedI don't see how this can be fixed without removing the foreach. Removing the foreach has the drawback that we wouldn't clean up left-overs on the server-side. Though problem.
- Blacklists words/strings can't be more than 100 characters right now. Not sure how long randomName() can be.
- On the server-side, we convert the blacklist to lowercase.
The difference between 'total identical' and 'identical' is confusing. Not sure I understand from reading the patch.
There is probably no solution but to remove this.
That is an improvement but shouldn't explain why the tests failed, IMO. There shouldn't have been more than one 'delete' link in the old tests unless we consistently ran into concurrency issues (i.e. extremely unlikely). I haven't run the tests yet but it would be wonderful if this fixed 'em.
Comment #5
sun1290 passes, 0 fails, 0 exceptions
Comment #6
Dries CreditAttribution: Dries commentedCommitted to CVS HEAD. Thanks!
Comment #7
sunI think we want to backport this fix.
Comment #8
sun69 passes, 0 fails, and 0 exceptions
Comment #10
sunThat's a different fail.
Comment #11
Dries CreditAttribution: Dries commentedCommitted!