Details
-
Type: Bug
-
Status: Resolved
-
Priority: Major
-
Resolution: Fixed
-
Affects Version/s: TAG 2021/22 Summer Sprint 1
-
Fix Version/s: None
-
Component/s: OIOIOI
-
Labels:None
-
Sprint:TAG 2021/22 Summer Sprint 1
Description
Due to changes in Django 2.2.26 some tests fail.
Cause:
- changes for dictsort usage in templates: https://docs.djangoproject.com/en/4.0/releases/2.2.26/#cve-2021-45116-potential-information-disclosure-in-dictsort-template-filter
How to reproduce:
- pip3 install -U django==2.2.26
- docker-compose -f docker-compose-dev.yml -f extra/docker/docker-compose-dev-noserver.yml exec "web" ../oioioi/test3.sh -v oioioi/problems/tests/test_task_archive.py
affected template:
+++ b/oioioi/problems/templates/problems/task-archive-problemgroup.html
{% for value, subdict in problems.subnodes.items|dictsort:"0.order" %}
affected view:
task_archive_tag_view
code
```
problems.subnodes.items|dictsort:"0.order"
```
sorts tuples (subnodes.items()) by value of order attribute of first element of tuple (key)
Cause:
- changes for dictsort usage in templates: https://docs.djangoproject.com/en/4.0/releases/2.2.26/#cve-2021-45116-potential-information-disclosure-in-dictsort-template-filter
How to reproduce:
- pip3 install -U django==2.2.26
- docker-compose -f docker-compose-dev.yml -f extra/docker/docker-compose-dev-noserver.yml exec "web" ../oioioi/test3.sh -v oioioi/problems/tests/test_task_archive.py
affected template:
+++ b/oioioi/problems/templates/problems/task-archive-problemgroup.html
{% for value, subdict in problems.subnodes.items|dictsort:"0.order" %}
affected view:
task_archive_tag_view
code
```
problems.subnodes.items|dictsort:"0.order"
```
sorts tuples (subnodes.items()) by value of order attribute of first element of tuple (key)
Activity
- All
- Comments
- History
- Activity
- Transitions
- Commits
Tomek Waleń
made changes -
Field | Original Value | New Value |
---|---|---|
Description |
Due to changes in Django 2.2.26 some tests fail.
Cause: - changes for dictsort usage in templates: https://docs.djangoproject.com/en/4.0/releases/2.2.26/#cve-2021-45116-potential-information-disclosure-in-dictsort-template-filter How to reproduce: - pip3 install -U django==2.2.26 - docker-compose -f docker-compose-dev.yml -f extra/docker/docker-compose-dev-noserver.yml exec "web" ../oioioi/test3.sh -v oioioi/problems/tests/test_task_archive.py affected template: +++ b/oioioi/problems/templates/problems/task-archive-problemgroup.html {% for value, subdict in problems.subnodes.items|dictsort:"0.order" %} |
Due to changes in Django 2.2.26 some tests fail.
Cause: - changes for dictsort usage in templates: https://docs.djangoproject.com/en/4.0/releases/2.2.26/#cve-2021-45116-potential-information-disclosure-in-dictsort-template-filter How to reproduce: - pip3 install -U django==2.2.26 - docker-compose -f docker-compose-dev.yml -f extra/docker/docker-compose-dev-noserver.yml exec "web" ../oioioi/test3.sh -v oioioi/problems/tests/test_task_archive.py affected template: +++ b/oioioi/problems/templates/problems/task-archive-problemgroup.html {% for value, subdict in problems.subnodes.items|dictsort:"0.order" %} affected view: task_archive_tag_view |
Aleksander Tudruj
made changes -
Assignee | Aleksander Tudruj [ at429630 ] |
Tomek Waleń
made changes -
Description |
Due to changes in Django 2.2.26 some tests fail.
Cause: - changes for dictsort usage in templates: https://docs.djangoproject.com/en/4.0/releases/2.2.26/#cve-2021-45116-potential-information-disclosure-in-dictsort-template-filter How to reproduce: - pip3 install -U django==2.2.26 - docker-compose -f docker-compose-dev.yml -f extra/docker/docker-compose-dev-noserver.yml exec "web" ../oioioi/test3.sh -v oioioi/problems/tests/test_task_archive.py affected template: +++ b/oioioi/problems/templates/problems/task-archive-problemgroup.html {% for value, subdict in problems.subnodes.items|dictsort:"0.order" %} affected view: task_archive_tag_view |
Due to changes in Django 2.2.26 some tests fail.
Cause: - changes for dictsort usage in templates: https://docs.djangoproject.com/en/4.0/releases/2.2.26/#cve-2021-45116-potential-information-disclosure-in-dictsort-template-filter How to reproduce: - pip3 install -U django==2.2.26 - docker-compose -f docker-compose-dev.yml -f extra/docker/docker-compose-dev-noserver.yml exec "web" ../oioioi/test3.sh -v oioioi/problems/tests/test_task_archive.py affected template: +++ b/oioioi/problems/templates/problems/task-archive-problemgroup.html {% for value, subdict in problems.subnodes.items|dictsort:"0.order" %} affected view: task_archive_tag_view code ``` problems.subnodes.items|dictsort:"0.order" ``` sorts tuples (subnodes.items()) by value of order attribute of first element of tuple (key) |
Tomek Waleń
made changes -
TAG Developer | Aleksander Tudruj [ at429630 ] |
Tomek Waleń
made changes -
Status | New [ 10000 ] | Open [ 1 ] |
Aleksander Tudruj
made changes -
Status | Open [ 1 ] | In Progress [ 3 ] |
Aleksander Tudruj
made changes -
Status | In Progress [ 3 ] | Resolved [ 5 ] |
Assignee | Aleksander Tudruj [ at429630 ] | Tomasz Waleń [ tomasz_walen ] |
Resolution | Fixed [ 1 ] |
Aleksander Tudruj
made changes -
Assignee | Tomasz Waleń [ tomasz_walen ] | Aleksander Tudruj [ at429630 ] |