From: | Magnus Hagander <magnus(at)hagander(dot)net> |
---|---|
To: | "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org> |
Cc: | PostgreSQL WWW <pgsql-www(at)postgresql(dot)org> |
Subject: | Re: CVE details page |
Date: | 2021-03-28 11:26:30 |
Message-ID: | CABUevEwAfcck_Bw0TSyRT-y1oo3Gq3nStNO4ETRKJ34e6o36xw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-www |
On Sat, Mar 27, 2021 at 8:35 PM Jonathan S. Katz <jkatz(at)postgresql(dot)org> wrote:
>
> On 3/25/21 8:20 AM, Magnus Hagander wrote:
> > On Wed, Mar 24, 2021 at 8:57 PM Jonathan S. Katz <jkatz(at)postgresql(dot)org> wrote:
> >>
> >> I've modified the URL matching to be all uppercase, but keeping our
> >> matching logic case insensitive.
> >
> > I do still prefer lowercase, but not enough to insist on it :)
> >
> > But do consider the redirect, that might help some ppl.
>
> OK, so I did:
>
> - matching cve/CVE
> - added a redirect to rewrite to CVE
Wouldn't:
+ if request.path.find('cve') != -1:
+ return redirect('/support/security/CVE-{}/'.format(cve),
permanent=True)
you captured the "cve" vs "CVE" part already in urls.py as a separate
parameter? And then just "if blah != 'CVE' return redirect"?
Either works, but looking for cve anywhere in the URL seems to set up
for a future bug should we ever for example want to move the cve's
into a subdir..
> >>> * The query for "versions" needs a .elect_related('version')
> >>
> >> That I do agree with and somehow missed that. Thanks!
> >
> > Thinking more, we should also have a struct.py in this directory, so
> > it goes ni the sitemap and becomes searchable. We should *already*
> > have had that, but it becomes more importantn ow that we have >1 page.
> > But already today you won't actually get search hits in our security
> > listing, which is a problem in itself... But let's fix them both at
> > once.
>
> OK, I believe I have handled that. I included it in 0003.
Rest LGTM.
--
Magnus Hagander
Me: https://www.hagander.net/
Work: https://www.redpill-linpro.com/
From | Date | Subject | |
---|---|---|---|
Next Message | Jonathan S. Katz | 2021-03-28 13:44:35 | Re: CVE details page |
Previous Message | Jonathan S. Katz | 2021-03-27 19:35:08 | Re: CVE details page |