On 09/30/2009 09:48 AM, Mike McGrath wrote:
On Wed, 30 Sep 2009, Darren VanBuren wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This seems to be a WordPress issue, with the whole SSL deal.
It's pretty much go, but we need to clarify that users should manually login
before clicking the signup link in order to circumvent this little issue.
Well lets find some victim^H^H^H^H^H^Hvolunteer and get at least one blog
in there and document the process all the way through.
Anyone want to step forward?
So, here's what I'm seeing:
1) logging-in appears to work fine, though I get a spurious "FAS login
failed" before I've even tried a uname/passwd auth. Are we trying some
sort of client-side cert validation first, and that's failing?
2) When trying to create a blog from the logged-out state, I get sent
to the login page, w/ a parameter that's supposed to take me to the
signup page upon succesful authentication:
https://blogs.fedoraproject.org/wp/wp-login.php?redirect_to=http%253A%252F%252Fblogs.fedoraproject.org%252Fwp%252Fwp-signup.php
Something very odd is happening, though. The 302 response code looks sane:
POST /wp/wp-login.php HTTP/1.1
[snip]
HTTP/1.x 302 Found
Date: Wed, 30 Sep 2009 16:17:26 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Wed, 30 Sep 2009 16:17:26 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Location: http%3A%2F%2Fblogs.fedoraproject.org%2Fwp%2Fwp-signup.php
... but firefox then proceeds to generate this request:
GET /wp/http%3A%2F%2Fblogs.fedoraproject.org%2Fwp%2Fwp-signup.php HTTP/1.1
... which yields (validly) a 404 error.
No idea why firefox is trying to follow that path; redacted Live HTTP
Headers log attached.
Anyone testing this w/ a browser other than F11's firefox? Same issue
shows up on iPhone's Safari browser...
--Bret
https://blogs.fedoraproject.org/wp/wp-login.php
POST /wp/wp-login.php HTTP/1.1
Host: blogs.fedoraproject.org
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090909 Fedora/3.5.3-1.fc11 Firefox/3.5.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: https://blogs.fedoraproject.org/wp/wp-login.php?redirect_to=http%253A%252F%252Fblogs.fedoraproject.org%252Fwp%252Fwp-signup.php
Cookie: wordpress_test_cookie=WP+Cookie+check; wp-settings-time-38=1254327347
Content-Type: application/x-www-form-urlencoded
Content-Length: 134
log=bretm&pwd=1977thomas&wp-submit=Log+In&redirect_to=http%253A%252F%252Fblogs.fedoraproject.org%252Fwp%252Fwp-signup.php&testcookie=1
HTTP/1.x 302 Found
Date: Wed, 30 Sep 2009 16:17:26 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Wed, 30 Sep 2009 16:17:26 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Location: http%3A%2F%2Fblogs.fedoraproject.org%2Fwp%2Fwp-signup.php
AppTime: D=571224
AppServer: value2.fedora.phx.redhat.com
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/wp/; domain=.blogs.fedoraproject.org
Set-Cookie: wordpress_=bretm%7C1254500246%7Cc09e0cc70f32c7c55d758ae4af4d14de; path=/wp/wp-content/plugins; domain=.blogs.fedoraproject.org; HttpOnly
Set-Cookie: wordpress_=bretm%7C1254500246%7Cc09e0cc70f32c7c55d758ae4af4d14de; path=/wp/; domain=.blogs.fedoraproject.org; HttpOnly
Set-Cookie: wordpress_logged_in_=bretm%7C1254500246%7C051116532fb45f3bf9f68d7861e69e4f; path=/wp/; domain=.blogs.fedoraproject.org; HttpOnly
ProxyTime: D=582964
ProxyServer: proxy2.fedora.phx.redhat.com
Keep-Alive: timeout=15, max=500
Connection: Keep-Alive
----------------------------------------------------------
https://blogs.fedoraproject.org/wp/http%3A%2F%2Fblogs.fedoraproject.org%2Fwp%2Fwp-signup.php
GET /wp/http%3A%2F%2Fblogs.fedoraproject.org%2Fwp%2Fwp-signup.php HTTP/1.1
Host: blogs.fedoraproject.org
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20090909 Fedora/3.5.3-1.fc11 Firefox/3.5.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: https://blogs.fedoraproject.org/wp/wp-login.php?redirect_to=http%253A%252F%252Fblogs.fedoraproject.org%252Fwp%252Fwp-signup.php
Cookie: wordpress_test_cookie=WP+Cookie+check; wp-settings-time-38=1254327347; wordpress_=bretm%7C1254500246%7Cc09e0cc70f32c7c55d758ae4af4d14de; wordpress_logged_in_=bretm%7C1254500246%7C051116532fb45f3bf9f68d7861e69e4f
HTTP/1.x 404 Not Found
Date: Wed, 30 Sep 2009 16:17:26 GMT
Server: Apache/2.2.3 (Red Hat)
Content-Length: 338
Keep-Alive: timeout=15, max=499
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
----------------------------------------------------------
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list