vikunja
/
vikunja
6
43
Fork 70
Code Issues 150 Pull Requests 12 Packages Releases 32 Activity

Edit comment with an expired JWT doesn't throw an error #2006

New Issue
Closed
opened 2023-01-23 15:00:28 +00:00 by jbd7 · 1 comment
jbd7 commented 2023-01-23 15:00:28 +00:00
Copy Link

Description

Issue: Editing a comment with an expired JWT doesn't throw an error

Steps to reproduce:

  • Log in self hosted Vikunja instance
  • Open a task wit comments, e.g. https://vikunja.tld/tasks/125
  • Leave it open for a long time and do something else
  • Go back to that opened page
  • Click on the "Edit" link below a comment
  • Edit comment and click "Save"

What happens:

  • the web page shows the edited comment, but that comment is actually not saved in the DB
  • no error is snown

What is expected:

  • Clicking on save throw a "error 401, invalid or expired jwt" error, just like what happens when trying to add a new comment to a task with an expired jwt.
  • the edited comment is still visible to the user, so that they can copy it and paste it after logging in again into Vikunja

Notes:

  • I didn't try on the Vikunja demo website as I don't control the JWT expiry.

Vikunja Frontend Version

0.19.1

Vikunja API Version

v0.19.2

Browser and version

Chrome Version 108.0.5359.125 (Official Build) (64-bit)

Can you reproduce the bug on the Vikunja demo site?

No

Screenshots

No response

### Description Issue: Editing a comment with an expired JWT doesn't throw an error Steps to reproduce: - Log in self hosted Vikunja instance - Open a task wit comments, e.g. https://vikunja.tld/tasks/125 - Leave it open for a long time and do something else - Go back to that opened page - Click on the "Edit" link below a comment - Edit comment and click "Save" What happens: - the web page shows the edited comment, but that comment is actually not saved in the DB - no error is snown What is expected: - Clicking on save throw a "error 401, invalid or expired jwt" error, just like what happens when trying to add a new comment to a task with an expired jwt. - the edited comment is still visible to the user, so that they can copy it and paste it after logging in again into Vikunja Notes: - I didn't try on the Vikunja demo website as I don't control the JWT expiry. ### Vikunja Frontend Version 0.19.1 ### Vikunja API Version v0.19.2 ### Browser and version Chrome Version 108.0.5359.125 (Official Build) (64-bit) ### Can you reproduce the bug on the Vikunja demo site? No ### Screenshots _No response_
jbd7 added the
kind/bug
 label 2023-01-23 15:00:28 +00:00
konrad commented 2023-01-25 14:08:56 +00:00
Owner
Copy Link

Should be fixed with 4576da0dd3 - please check with the next unstable build or on try.

Should be fixed with https://kolaente.dev/vikunja/frontend/commit/4576da0dd394ee68801b1dc424c9550896d63737 - please check with the next unstable build or on try.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
renovate/camel-case-5.x
renovate/go-1.x
renovate/lowlight-3.x
renovate/golang.org-x-sync-0.x
renovate/major-dev-dependencies
renovate/github.com-wneessen-go-mail-0.x
renovate/golangci-golangci-lint-1.x
feature/better-filter-syntax
fix/tiptap-task-list
renovate/flexsearch-0.x
feature/zod-schema
renovate/github.com-typesense-typesense-go-1.x
renovate/github.com-golang-jwt-jwt-v4-5.x
automatic-year-range-for-go-header-template
feature/hide-forbidden-related-tasks
renovate/golang-1.x
release/0.20
release/0.17
release/0.16
release/0.15
release/0.14
release/0.13
v0.23.0
v0.22.1
v0.22.0
v0.21.0
v0.20.4
v0.20.3
v0.20.2
v0.20.1
v0.20.0
v0.19.2
v0.19.1
v0.19.0
v0.18.1
v0.18.0
v0.17.1
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.1
v0.13
v0.12
v0.11
v0.10
v0.9
v0.8
v0.7
v0.6
v0.5
v0.4
v0.3
v0.2
v0.1
Labels
Clear labels   
dependencies

   
duplicate

This issue or pull request already exists

  
help wanted

Need some help

  
invalid

Something is wrong

  
kind/bug

Something is not working

  
kind/feature

New feature

  
needs reproduction

   
question

More information is needed

  
security

   
wontfix

This won't be fixed

No Label
dependencies
duplicate
help wanted
invalid
kind/bug
kind/feature
needs reproduction
question
security
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: vikunja/vikunja#2006
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?