Project

General

Profile

Actions
Copy link

Bug #10605

closed

Visiting /users/logout leads to 404

Added by Jan Pazdziora almost 9 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Marek Hulán
Category:
Authentication
Target version:
1.12.0
Difficulty:
Triaged:
Bugzilla link:
Pull request:
https://github.com/theforeman/foreman/pull/3419
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

When visiting /users/logout, either by opening it from menu in new tab or by following bookmarked URL, the result is

404
 The page you were looking for doesn't exist.
 You may have mistyped the address or the page may have moved.

The reason is that 4e3a7e7a2a542435686a667773eafc73c92e557b changed logout to be available on POST only.

If the actual action needs to be POST to prevent CSRF, shouldn't there be a GET-handled page which would ask for confirmation and then issue the POST request? If Foreman is striving for REST even on the WebUI, POST does not sound like a correct method for logout anyway.

In any way, user should not be presented with hurdles like 404 when they try to logout.

Actions
Copy link
 #1

Updated by The Foreman Bot about 8 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Marek Hulán
  • Pull request https://github.com/theforeman/foreman/pull/3419 added
Actions
Copy link
 #2

Updated by Marek Hulán about 8 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions
Copy link
 #3

Updated by Dominic Cleal about 8 years ago

  • translation missing: en.field_release set to 136
Actions
Copy link

Also available in: Atom PDF