Upgrade jquery.cookie

Review Request #5888 — Created May 28, 2014 and submitted

Information

Review Board
release-2.0.x
a01c6c8...

Reviewers

Upgrade jquery.cookie to 1.4.1. This is because of Bug 3387 where if any cookie exists on the domain that has an invalid URL escaping, for example, a cookie like 'foo=%%', then the entire site will roughly stop working. This was fixed upstream in jquery.cookie between 1.3.1 and 1.4.1.

This can be verified by running the live 2.0.1 on a machine, and running the following on a JS console:

document.cookie = 'foo=%%';

and then refreshing the page. it will stop working; if you try to view a diff, the parts will not load but will spin forever. This seems to be because the JS fails to load. After applying this diff it will start working :). This situation can occur if reviewboard is run on a subdomain like rb.example.com and there are cookies on example.com that contain this kind of string. This is a regression from 1.7

Played around with the site and didn't see anything wrong. More testing would be appreciated as this is my first review posted and whatnot. I'm just going to roll this out internally to our site though and hope for the best :)

reviewbot
  1. This is a review from Review Bot.
      Tool: PEP8 Style Checker
      Processed Files:
        reviewboard/staticbundles.py
      Ignored Files:
        reviewboard/static/lib/js/jquery.cookie-1.4.1.js
        reviewboard/static/lib/js/jquery.cookie-1.3.1.js
    
    
  2. 
      
reviewbot
  1. This is a review from Review Bot.
      Tool: Pyflakes
      Processed Files:
        reviewboard/staticbundles.py
      Ignored Files:
        reviewboard/static/lib/js/jquery.cookie-1.4.1.js
        reviewboard/static/lib/js/jquery.cookie-1.3.1.js
    
    
  2. 
      
chipx86
  1. Can you upgrade your description to explain the reason for the upgrade in detail?

  2. 
      
abhishek.mukher.g
abhishek.mukher.g
david
  1. Ship It!

  2. 
      
abhishek.mukher.g
Review request changed

Status: Closed (submitted)

Change Summary:

Pushed to release-2.0.x (41e23fd)
Loading...