]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/commitdiff
content-type for aggregate web trigger
authorjmtd <jmtd@web>
Mon, 20 Apr 2020 08:31:48 +0000 (04:31 -0400)
committeradmin <admin@branchable.com>
Mon, 20 Apr 2020 08:31:48 +0000 (04:31 -0400)
doc/bugs/aggregate_web_trigger_sends_response_as_text__47__plain.mdwn [new file with mode: 0644]

diff --git a/doc/bugs/aggregate_web_trigger_sends_response_as_text__47__plain.mdwn b/doc/bugs/aggregate_web_trigger_sends_response_as_text__47__plain.mdwn
new file mode 100644 (file)
index 0000000..733579f
--- /dev/null
@@ -0,0 +1,40 @@
+With IkiWiki 3.20200202.3, [[plugins/aggregate]]'s web trigger sends it's response as HTTP 200, Content-Type: text/plain, followed by a payload that seems to include a Content-type in the body accidentally, and a bunch of HTML:
+
+
+    qusp▶ GET -e "https://$redacted/ikiwiki?do=aggregate_webtrigger"
+    Enter username for Git Access at REDACTED:443: admin
+    Password: 
+    200 OK
+    Connection: close
+    Date: Mon, 20 Apr 2020 08:27:39 GMT
+    Server: nginx/1.14.2
+    Content-Length: 2467
+    Content-Type: text/plain
+    Client-Date: Mon, 20 Apr 2020 08:27:39 GMT
+    Client-Peer: 31.51.75.214:443
+    Client-Response-Num: 1
+    Client-SSL-Cert-Issuer: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
+    Client-SSL-Cert-Subject: /CN=REDACTED
+    Client-SSL-Cipher: ECDHE-RSA-CHACHA20-POLY1305
+    Client-SSL-Socket-Class: IO::Socket::SSL
+    
+    Aggregation triggered via web.
+    
+    Content-type: text/html
+    
+    <!DOCTYPE html>
+    <html xmlns="http://www.w3.org/1999/xhtml">
+    <head>
+    …
+
+Looking at the source it's fairly clear why:
+<http://source.ikiwiki.branchable.com/?p=source.git;a=blob;f=IkiWiki/Plugin/aggregate.pm;hb=HEAD#l76>
+
+I guess it was never intended for a human to see this output. I've found it useful to add a link button to some private pages to manually trigger the web hook,
+something like
+
+    <a class=feedbutton href=https://REDACTED/ikiwiki?do=aggregate_webtrigger>webtrigger</a>
+
+So it would be nice if the payload was sent with a HTML content-type (which wouldn't hurt cron jobs or clients that ignore the body anyway)
+
+*— [[Jon]], 2020-04-20*