Mercurial > p > roundup > code
view doc/debugging.txt @ 5684:97e2125e064c
When we generate links from URL's in messages, we add rel="nofollow"
to combat link spam. This change turns that into rel="nofollow
noopener". This prevents the page at the end of the link from having
access to the roundup window that displays the link.
Details on the issue are are at:
https://mathiasbynens.github.io/rel-noopener/
search web for noopener vulnerability. This problem usually requires a
target="_blank" to really exploit it and we don't provide that. But
adding noopener is extra protection.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sat, 30 Mar 2019 21:15:33 -0400 |
| parents | b6f1aaba4827 |
| children | a635a60ffb84 |
line wrap: on
line source
Debugging Aids -------------- Try turning on logging of DEBUG level messages. This may be done a number of ways, depending on what it is you're testing: 1. If you're testing the database unit tests, then set the environment variable ``LOGGING_LEVEL=DEBUG``. This may be done like so: LOGGING_LEVEL=DEBUG python run_tests.py This variable replaces the older HYPERDBDEBUG environment var. 2. If you're testing a particular tracker, then set the logging level in your tracker's ``config.ini``. SENDMAILDEBUG ============= Set to a filename and roundup will write each email message that it sends to that file instead to the internet. This environment variable is independent of the python -O flag.