Skip to content
This repository has been archived by the owner on Jan 10, 2022. It is now read-only.

Provide more test edge cases for CSRF token #26

Open
sergeyglazyrindev opened this issue Sep 13, 2021 · 1 comment
Open

Provide more test edge cases for CSRF token #26

sergeyglazyrindev opened this issue Sep 13, 2021 · 1 comment
Labels
enhancement New feature or request qa security

Comments

@sergeyglazyrindev
Copy link
Owner

Right now I had to temporarly disable CSRF check for admin panel cause there were some unexpected issues, so we have to fix that.
@sergeyglazyrindev
Copy link
Owner Author

Stack trace:

assignment to entry in nil map
/home/sergeyg/.gvm/gos/go1.16/src/runtime/map_faststr.go:204 (0x41d02c)
        mapassign_faststr: panic(plainError("assignment to entry in nil map"))
/home2/Projects/Projects/Repos/uadmin/blueprint/sessions/models/models.go:107 (0xbbd5b4)
        (*Session).SetData: s._data[name] = value
/home2/Projects/Projects/Repos/uadmin/blueprint/sessions/interfaces/db.go:20 (0xbbd57d)
        (*DbSession).Set: s.session.SetData(name, value)
/home2/Projects/Projects/Repos/uadmin/templatecontext/templatecontext.go:148 (0xbc09c1)
        PopulateTemplateContextForAdminPanel: session.Set("csrf_token", token)
/home2/Projects/Projects/Repos/uadmin/blueprint/user/user.go:245 (0xbdeba7)
        Blueprint.InitRouter.func7: templatecontext.PopulateTemplateContextForAdminPanel(ctx, c, interfaces.NewAdminRequestParams())
/home/sergeyg/.gvm/pkgsets/go1.16/uadmin-updated/pkg/mod/github.com/gin-gonic/[email protected]/context.go:147 (0x980490)
        (*Context).Next: c.handlers[c.index](c)
/home/sergeyg/.gvm/pkgsets/go1.16/uadmin-updated/pkg/mod/github.com/gin-gonic/[email protected]/recovery.go:83 (0x980477)
        RecoveryWithWriter.func1: c.Next()
/home/sergeyg/.gvm/pkgsets/go1.16/uadmin-updated/pkg/mod/github.com/gin-gonic/[email protected]/context.go:147 (0x97f513)
        (*Context).Next: c.handlers[c.index](c)
/home/sergeyg/.gvm/pkgsets/go1.16/uadmin-updated/pkg/mod/github.com/gin-gonic/[email protected]/logger.go:241 (0x97f4d2)
        LoggerWithConfig.func1: c.Next()
/home/sergeyg/.gvm/pkgsets/go1.16/uadmin-updated/pkg/mod/github.com/gin-gonic/[email protected]/context.go:147 (0x9767c3)
        (*Context).Next: c.handlers[c.index](c)
/home/sergeyg/.gvm/pkgsets/go1.16/uadmin-updated/pkg/mod/github.com/gin-gonic/[email protected]/gin.go:403 (0x9767aa)
        (*Engine).handleHTTPRequest: c.Next()
/home/sergeyg/.gvm/pkgsets/go1.16/uadmin-updated/pkg/mod/github.com/gin-gonic/[email protected]/gin.go:364 (0x97624c)
        (*Engine).ServeHTTP: engine.handleHTTPRequest(c)
/home/sergeyg/.gvm/gos/go1.16/src/net/http/server.go:2887 (0x6db1c2)
        serverHandler.ServeHTTP: handler.ServeHTTP(rw, req)
/home/sergeyg/.gvm/gos/go1.16/src/net/http/server.go:1952 (0x6d65ec)
        (*conn).serve: serverHandler{c.server}.ServeHTTP(w, w.req)
/home/sergeyg/.gvm/gos/go1.16/src/runtime/asm_amd64.s:1371 (0x474fe0)
        goexit: BYTE    $0x90   // NOP

@sergeyglazyrindev sergeyglazyrindev changed the title Provide more edge cases for CSRF token Provide more test edge cases for CSRF token Sep 18, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement New feature or request qa security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sergeyglazyrindev