On 12/8/2012 16:19, janI wrote:
On 8 December 2012 21:56, TJ Frazier <[email protected]> wrote:
On 12/8/2012 12:19, janI wrote:
Hi.
If I understand you correctly I think I will have no change of correcting
it...it is a standard usage of spammers, to make a fake login, and I think
that is what you have been seeing. If I have misunderstood your report,
then please excuse me.
Please excuse my lack of clarity; your comment made me realize exactly
what I was seeing. The "not logged in" page header is exactly what an
anonymous user (not logged in) would see, when accessing the file. This is
perfectly legal. If the user had a language code set in the browser, the
page would naturally be in that language. Even a sysop might land on the
"Recent changes" page, not notice not being logged in, and click on a link
in the Upload log. Then the login status would become obvious, since the
sysop options (including "delete all") would not show.
However, for a logged-in user, this is a stale page, and should not be
delivered by ATS.
Now I think I understand you, I will look into it, but it is a wiki
problem and not a ATS, the traffic server cannot as far as I know generate
login pages. MWiki will however do it, if your cookies are deleted or out
of date. The use of cookies has changed quite a lot in the new release as
you will soon see.
Sorry, I'm still not being clear enough. The "Login / Create account"
I'm talking about is the little yellow message that appears at the upper
right on every page, for an anonymous user (not the Login dialog, with
boxes for user name, etc.). The stale page itself is the File page,
showing the picture, file history, links, etc. Presumably, this means
that an anonymous user (probably a spammer) has recently accessed the
page; otherwise, the wiki wouldn't have generated it.
Some component (probably ATS) is not properly checking the logged-in
status of a cached page versus the logged-in status of the requester.
(Or the check is getting bad information, or ...) "Not logged in" pages
should be delivered to any anonymous user, but not to any logged-in
user. "Logged in" pages may only be delivered to that particular user.
HTH, /tj/
I am right now "fighting" with apache AND ats to get wikitest operational,
I am so "lucky" that infra has suggested I do it myself and report to them
when it works. But I like a challenge :-)
jan I.
Yes, you are lucky. When you are done, you will understand every part of
the procedure, and you can feel confident that you can fix any part of it.
Yes, I have been the whole way from DNS server, router, traffic server
(ooo-wiki), apache (ooo-wiki) and are now playing with the upgrade.
After this (incl. the mysql) I feel quite confident in handling this type
of servers.
I wish I could help more. Thank you for all your hard work.
/tj/
On 8 December 2012 17:52, TJ Frazier <[email protected]> wrote:
On 12/8/2012 11:16, janI wrote:
Sorry, yes we are working on the traffic server and apache below wiki,
which might cause very short outages (less than 10 seconds).
Jan.
Jan,
During the recent spam-fighting, I saw stale pages a number of times, of
one particular type. I was chasing the pictures uploaded by spammers.
When
I clicked on the link, I would sometimes get a page with the "Log
in/Create
account" header, and sometimes not in English. In all cases, the
"&purge=1"
method cleared up the problem. Still, it seems curious that ATS didn't
realize that I was already logged in. Not an earth-shaking problem, but
if
you see a way to fix it ...
/tj/
On 8 December 2012 17:08, Alexandro Colorado <[email protected]> wrote:
Wonder if the mWiki is being worked on, any email of outages must have
escaped my inbox. Any confirmation, update?
--
Alexandro Colorado
Apache OpenOffice Contributor
http://es.openoffice.org
