Bug #17584

403 forbidden trying to view repo file content

Added by jnqnfe 2020-04-02 16:25:05 . Updated 2020-04-03 18:42:40 .

Status:
Rejected
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
Due date:
% Done:

0%

Feature Branch:
Type of work:
Website
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

i’m new here, but trying to view contents of files via the redmine repo interface results in a 403 forbidden error. is this expected or a mistake. i found it both before registering for an account here and after.

e.g.
1) click the “respoitory” link above (in the redmine interface), taking you to https://redmine.tails.boum.org/code/projects/tails/repository
2) try clicking of the file COPYING for instance (https://redmine.tails.boum.org/code/projects/tails/repository/changes/COPYING?rev=master)
3) try clicking on the single listed revision (https://redmine.tails.boum.org/code/projects/tails/repository/revisions/0398f2aa2d4728ac4287cc1ab0b6c4cb866f5a6e)

resulting page gives a 403

back on the file’s revision list, clicking “view” (https://redmine.tails.boum.org/code/projects/tails/repository/revisions/master/entry/COPYING) also gives a 403

and “annotate” (https://redmine.tails.boum.org/code/projects/tails/repository/revisions/master/annotate/COPYING gives a 403

and “download” (https://redmine.tails.boum.org/code/projects/tails/repository/revisions/master/raw/COPYING gives a 403

what gives?

Subtasks

History

#1 Updated by intrigeri 2020-04-03 06:27:58

  • Status changed from New to Rejected

Thanks for caring and for reporting this!

The behavior you’re seeing is an intended consequence of DDoS mitigation measures we had to put in place some months ago. We’re aware of the UX drawbacks. That’s the
best trade-off we could come up with.

Given we’ll be migrating to GitLab really soon now, I don’t think it’s worth investing time into fixing Redmine things now, so I’m rejecting this issue.

Related: Bug #17550

#2 Updated by jnqnfe 2020-04-03 18:42:40

intrigeri wrote:
> The behavior you’re seeing is an intended consequence of DDoS mitigation measures we had to put in place some months ago. We’re aware of the UX drawbacks. That’s the
> best trade-off we could come up with.
>
> Given we’ll be migrating to GitLab really soon now, I don’t think it’s worth investing time into fixing Redmine things now, so I’m rejecting this issue.
>
> Related: Bug #17550

oh ok. i did manage to locate the salsa copy after reporting this and viewed there what i was trying to look at. no problem :)