Project

General

Profile

Actions

Defect #31552

closed

View switches from gantt to list after editing an issue

Added by Bernhard Rohloff almost 5 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Gantt
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed
Affected version:

Description

The view is only affected if a custom filter is applied. If there's
no filter applied the view works as expected.

Steps to reproduce

  1. Open the gantt view.
  2. Modify and apply the filter.
  3. Edit an issue with the right click menu

Result

The view switches to the issues list view

Expected result

The view stays on the gantt view


Files

gantt_switch_to_list_issue.webm (179 KB) gantt_switch_to_list_issue.webm Video showing the behavior with and without custom filter Bernhard Rohloff, 2019-06-11 11:52
add-back-url-parameter.patch (1.41 KB) add-back-url-parameter.patch Mizuki ISHIKAWA, 2019-06-27 09:09

Related issues

Related to Redmine - Defect #31831: Back url parse in validationClosedMarius BÄ‚LTEANU

Actions
Actions #1

Updated by Go MAEDA almost 5 years ago

  • Status changed from New to Confirmed
Actions #2

Updated by Mizuki ISHIKAWA almost 5 years ago

I have confirmed that the changes below fix this problem.

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 06e2d702c1..afbb30f3ee 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -440,7 +440,7 @@ class ApplicationController < ActionController::Base
     end

     begin
-      uri = URI.parse(back_url)
+      uri = URI.parse(URI.encode(back_url))
     rescue URI::InvalidURIError
       return false
     end

However, I am concerned that this change will cause other problems.
ApplicationController#validate_back_url is a method that includes security changes(#19577), so it needs to be corrected carefully.

Actions #3

Updated by Mizuki ISHIKAWA almost 5 years ago

I think that the patch attached is better than the correction method suggested in #31552#note-2.

The issues/_list also make the back_url parameter in the same way.
The same problem occurred with the calendar, so we fix it together.

Actions #4

Updated by Go MAEDA over 4 years ago

  • Target version set to 4.0.5

Mizuki ISHIKAWA wrote:

The issues/_list also make the back_url parameter in the same way.

source:tags/4.0.4/app/views/issues/_list.html.erb#L5 and source:tags/4.0.4/app/views/timelog/_list.html.erb#L2.

Setting the target version to 4.0.5.

Actions #5

Updated by Go MAEDA over 4 years ago

  • Status changed from Confirmed to Resolved
  • Assignee set to Go MAEDA

Committed the patch. Thank you all for reporting and fixing this issue.

Actions #6

Updated by Go MAEDA over 4 years ago

  • Status changed from Resolved to Closed
  • Resolution set to Fixed
Actions #7

Updated by Go MAEDA over 4 years ago

Actions

Also available in: Atom PDF