Uploaded image for project: 'Nuxeo Drive '
  1. Nuxeo Drive
  2. NXDRIVE-2193

Stop trying to guess the server URL

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.5.2
    • Fix Version/s: 4.4.5
    • Component/s: Framework, GUI
    • Release Notes Summary:
      No more server URL guessing
    • Release Notes Description:
      Hide

      When adding a new account, the app was trying to understand the given URL by deconstructing and reconstructing it using different patterns. This behaviour leaded to several issues, the most critical was Kaspersky detecting and completely deleting the application because of its HTTP scanner heuristic.
      From now, a simple syntax check will be done on the URL and if it is wrong then the user will have to fix it. The user will know when the URL is good: the text field will have blue borders. If the given URL does not meet the expected syntax, borders will be red.

      Show
      When adding a new account, the app was trying to understand the given URL by deconstructing and reconstructing it using different patterns. This behaviour leaded to several issues, the most critical was Kaspersky detecting and completely deleting the application because of its HTTP scanner heuristic. From now, a simple syntax check will be done on the URL and if it is wrong then the user will have to fix it. The user will know when the URL is good: the text field will have blue borders. If the given URL does not meet the expected syntax, borders will be red.
    • Epic Link:
    • Sprint:
      nxDrive 11.1.37, nxDrive 11.2.1
    • Story Points:
      2

      Description

      Situation

      When adding an account the app is currently trying to understand the given URL by deconstructing and reconstructing it using different patterns. It is used for instance when one enters "127.0.0.1" in the server URL field: then several URLs will be tested and the one giving a good answer is used. Several HTTP and HTTPS patterns are used. See compute_urls() for technical details.

      This leads to several issues:

      • If an URL answers successfully but it is not the Nuxeo server behind, a message asking for a downgrade to Nuxeo Drive 3.1.2 will be promtped.
      • As seen with NXDRIVE-1541, Kaspersky is kind of intercepting HTTP calls and kill + delete the app when 8 calls are done. This is unfortunate ...

      So trying to be smart is a nice developer win, but a poor end-user feature (for that specific case).

      Scope

      • Remove guess_server_url() and compute_urls() functions.
      • When one is entering an URL, a real-time URL vlidator will ensure the URL is OK (if not, the OK button will be locked).
        This is a simple syntax checker that tells the text entered is a valid URL. If the URL is valid but not good, it is up to the user to do things right.
      • The server URL field placeholder has to be updated to reflect the desired URL syntax.

      A valid URL fills those requirements:

      1. Starts with "http://" or "https://";
      2. then comes the domain name "a.b.c.d.";
      3. then comes the eventual port number ":8080";
      4. then comes the default domain "/string";
      5. then comes eventual key=value paramerters '"?param=value;param2=value2";
      6. then comes the eventual anchor "#NXDRIVE-NEXTGEN2"

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 3 days, 15 minutes
                  3d 15m

                    PagerDuty

                    Error rendering 'com.pagerduty.jira-server-plugin:PagerDuty'. Please contact your Jira administrators.