View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 1814 | Composr | core_addon_management | public | 2015-03-03 05:41 | 2015-03-05 13:33 |
| Reporter | PDStig | Assigned To | Guest | ||
| Priority | normal | Severity | minor | ||
| Status | resolved | Resolution | fixed | ||
| Summary | 1814: Updating addons results in an addon not supported error | ||||
| Description | When trying to update non-bundled addons from Composr (after doing the 9.0.17 update), trying to update addons leaves with an error basically saying the file type "" is not allowed. This error continues even after removing file extension restrictions in security configuration. In order to update the addons, I had to manually do it by downloading the updated addons from Composr and then uploading them through the addon management. I should have taken a screenshot of the error, but I will try to post it once I get the daily digest. | ||||
| Steps To Reproduce | 1. Have an old version of something like Activity Feed addon installed. 2. Upgrade to 9.0.17 3. Attempt to update the addons. 4. You get the addon not supported error. | ||||
| Tags | No tags attached. | ||||
| Attach Tags | |||||
| Attached Files | |||||
| Time estimation (hours) | |||||
| Sponsorship open | |||||
|
|
Screenshots of stack trace uploaded. Most important is Untitled and Untitled2. Untitled shows error message. Untitled2 shows possible cause... where it sends the tmp file generated by addon updater through a file extension check. |
|
|
I can also confirm the same issue after updating one of my sites to 9.0.17. Going to adminzone->structure->addons, selecting the 'Import updated addons' link, and then attempting to import those addons results in a stack trace. In my case, the first argument of the check_extension function is showing my domain name 'www.tfo.net' and my error message says "Sorry, but 'net' files can not be uploaded." |
|
|
I am also getting this error saying "com" and "org" files are not allowed. |
|
|
Sorry for the bug guys. Our adjusted input filtering was being over-zealous, didn't allow reference to any off-site URLs, while previously this limitation was more focused. It probably affects a few other corners of Composr also. Not an intentional change, but we adjusted our code a lot when reviewing it. Hot-fix coming. |
|
|
Automated response: Addon installation from compo.sr broken Addon installation does not work when installing via selecting direct from compo.sr. This is due to the upgraded input-filter being over-zealous with controlling allowed URLs within the system. |
|
|
Fixed in git commit a991473 (https://github.com/chrisgraham/Composr/commit/a991473 - link will become active once code pushed to github) A hotfix (a TAR of files to upload) have been uploaded to this issue. These files are made to the latest intra-version state (i.e. may roll in earlier fixes too if made to the same files) - so only upload files newer than what you have already. Always take backups of files you are replacing or keep a copy of the manual installer for your version, and only apply fixes you need. These hotfixes are not necessarily reliable or well supported. Not sure how to extract TAR files to your Windows computer? Try 7-zip (http://www.7-zip.org/). |
