#3845 |
"Economic plugin" errors not surfaced effectively
|
new
|
|
defect
|
normal
|
undecided
|
#971 |
"Humanized failures" should still have a traceback, hidden by default
|
assigned
|
davidsarah
|
enhancement
|
major
|
soon
|
#2227 |
"format=mutable" in the web API
|
new
|
|
enhancement
|
normal
|
undecided
|
#1639 |
'Return to file/directory' link from file check results gives an error
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
#679 |
/storage emitting exception - lease reporting code
|
assigned
|
davidsarah
|
defect
|
major
|
undecided
|
#1203 |
/storage is insufficiently verbose when no crawl running
|
new
|
nobody
|
defect
|
normal
|
eventually
|
#3852 |
500 error from JSON welcome page
|
new
|
|
defect
|
major
|
undecided
|
#821 |
A script in a file viewed through the WUI can obtain the file's read cap
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
#918 |
Abstraction violations in web/info.py
|
assigned
|
davidsarah
|
defect
|
minor
|
eventually
|
#1541 |
Add ?t=xml parameter for getting file statistics
|
new
|
bibilthaysose
|
enhancement
|
normal
|
undecided
|
#2143 |
Adding aliases to the WUI
|
new
|
daira
|
enhancement
|
normal
|
undecided
|
#979 |
AssertionError on DELETE when child links point to yourself
|
new
|
|
defect
|
major
|
soon
|
#1198 |
Bogus tub location causes introducer error
|
new
|
|
defect
|
major
|
soon
|
#1665 |
Brainstorm webapi vulnerabilities between the operator and a user and between users.
|
new
|
|
task
|
major
|
undecided
|
#615 |
Can JavaScript loaded from Tahoe access all your content which is loaded from Tahoe?
|
assigned
|
davidsarah
|
defect
|
critical
|
soon
|
#1141 |
Cannot Delete Or Rename Files/Directories With Wacky Names
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
#825 |
Cannot use WUI to upload a file with a name different to its name in the local filesystem
|
new
|
|
enhancement
|
major
|
undecided
|
#127 |
Cap URLs leaked via HTTP Referer header
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
#1434 |
DYHB requests misrendered in download visualization
|
new
|
warner
|
defect
|
major
|
soon
|
#1032 |
Display active HTTP upload operations on the status page
|
new
|
nobody
|
enhancement
|
minor
|
eventually
|
#1177 |
Display directory storage indexes in directory listings
|
new
|
|
enhancement
|
minor
|
undecided
|
#1799 |
Document how to distinguish exceptions from JSON, or encode exceptions as JSON
|
new
|
|
defect
|
normal
|
undecided
|
#906 |
ETag support for mutable files and directories
|
new
|
|
defect
|
major
|
undecided
|
#3929 |
Error reading directory: 'coroutine' object has no attribute 'addCallback'
|
new
|
|
defect
|
major
|
undecided
|
#1997 |
Eventually remove disconnected nodes from Welcome page display
|
new
|
daira
|
enhancement
|
normal
|
soon
|
#2716 |
Exception on WUI
|
new
|
|
defect
|
normal
|
undecided
|
#1048 |
Expected exceptions should not include tracebacks
|
new
|
|
enhancement
|
major
|
undecided
|
#2590 |
GET /operations/$HANDLE?output=json is not JSON
|
new
|
|
defect
|
normal
|
undecided
|
#2142 |
How to enhance WebUI default security against capability eavesdropping?
|
new
|
amontero
|
enhancement
|
normal
|
undecided
|
#1588 |
I want to trigger backups through the WUI.
|
new
|
|
enhancement
|
major
|
eventually
|
#885 |
Ignore space or %20 in webapi URLs
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
#529 |
Implement Halt and Catch Fire
|
new
|
|
defect
|
major
|
undecided
|
#389 |
Implement Web Portal feature.
|
new
|
|
enhancement
|
minor
|
undecided
|
#995 |
It's way too easy to give away write directory caps
|
new
|
nobody
|
defect
|
major
|
undecided
|
#589 |
JSON link does not work if there is a '#' character in the file name.
|
new
|
|
defect
|
major
|
eventually
|
#1386 |
KeyError: 'file' if the local file is removed after selection and before Submit
|
new
|
daira
|
defect
|
normal
|
soon
|
#1144 |
Loopy/Uninhibited/Overlarge Filename Makes Web Server Crump
|
new
|
nobody
|
defect
|
major
|
undecided
|
#857 |
Make operation-handle-querying use only a little memory
|
new
|
nobody
|
defect
|
major
|
undecided
|
#3609 |
Manual quoting/escaping is scattered ad hoc throughout the web code
|
new
|
|
defect
|
normal
|
undecided
|
#3311 |
Move table layout to template file in download status page
|
new
|
sajith
|
enhancement
|
normal
|
undecided
|
#1727 |
New Visualizer has layout bug where serverids and other things scribble over each other
|
new
|
warner
|
defect
|
normal
|
soon
|
#1265 |
New Visualizer is insufficiently labelled/documented (plus layout problem)
|
assigned
|
zooko
|
defect
|
major
|
soon
|
#2031 |
Optionally serve ./docs from the web gateway.
|
new
|
|
enhancement
|
normal
|
undecided
|
#1560 |
POST /uri?t=upload should give Upload Results consistently (even mutable)
|
new
|
|
defect
|
minor
|
eventually
|
#462 |
PUT should elicit 100 Continue
|
new
|
|
defect
|
major
|
soon
|
#1859 |
Proof-of-concept attack: Upload and execute attacker controlled js from any domain.
|
new
|
davidsarah
|
defect
|
major
|
undecided
|
#827 |
Put file download links ('?save=true') in WUI directory listings
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
#3236 |
Refactor /helper_status web resource
|
new
|
|
enhancement
|
normal
|
eventually
|
#826 |
Rename action in WUI has no confirmation for clobbering another entry
|
new
|
|
defect
|
major
|
soon
|
#3371 |
Render post-repair corrupt shares in deep-check-and-repair results page
|
new
|
sajith
|
defect
|
normal
|
undecided
|
#686 |
Search for lost share resulted in a directory popping up at unexpected place
|
assigned
|
daira
|
defect
|
major
|
soon
|
#1798 |
Segregate gateway HTTP ports: one for raw bytes and one for generated WUI pages
|
new
|
freddyb
|
defect
|
major
|
soon
|
#2093 |
State-mutating GET methods in webapi.
|
new
|
daira
|
defect
|
normal
|
undecided
|
#907 |
Stop caps from leaking to phishing-filter servers
|
assigned
|
davidsarah
|
defect
|
minor
|
eventually
|
#789 |
Support Accept-Encoding: compress, gzip in the WAPI
|
new
|
|
enhancement
|
minor
|
undecided
|
#3041 |
Testing of websocket logs
|
new
|
|
defect
|
normal
|
undecided
|
#1706 |
The "Report!" button in the "Report an Incident" form field redirects to a misleading/incomplete message
|
new
|
zancas
|
defect
|
normal
|
undecided
|
#922 |
The URL of the info page for an unknown dirnode should not grant authority to the containing directory
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
#997 |
The webapi/WUI should have https enabled by default
|
new
|
nobody
|
defect
|
major
|
undecided
|
#3420 |
Twisted web Resources should "return ErrorPage" instead of "raise WebError"
|
assigned
|
sajith
|
defect
|
normal
|
|
#1008 |
Unhandled error conditions disclose detailed information
|
new
|
|
defect
|
major
|
eventually
|
#1142 |
Unlikely XSS Potential in File Names in WUI
|
new
|
nobody
|
defect
|
major
|
undecided
|
#1645 |
UnrecoverableFileError HTML message should include a link to check the file
|
new
|
|
enhancement
|
normal
|
soon
|
#1234 |
UnrecoverableFileError message should say which file it refers to
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
#1047 |
Upload failures should report useful HTTP status lines
|
new
|
nobody
|
enhancement
|
major
|
undecided
|
#2136 |
Use Content-Security-Policy to harden the WUI
|
new
|
daira
|
defect
|
normal
|
undecided
|
#1178 |
Use identicons for directory identifiers
|
new
|
|
enhancement
|
minor
|
undecided
|
#2117 |
Valid helper makes "Connected to Q of R" irrelevant for upload success
|
new
|
daira
|
enhancement
|
normal
|
undecided
|
#824 |
WUI pages lack correct XHTML 1.0 Transitional declarations
|
assigned
|
daira
|
defect
|
normal
|
soon
|
#823 |
WUI server should have a disallow-all robots.txt
|
new
|
|
defect
|
major
|
undecided
|
#1902 |
WUI: "Download a file" should error on directory
|
assigned
|
Lcstyle
|
defect
|
normal
|
soon
|
#1502 |
WUI: make type field more regular, and show SDMF vs MDMF
|
new
|
|
defect
|
major
|
soon
|
#1931 |
WUI: niggles in the new Welcome page
|
new
|
daira
|
defect
|
normal
|
soon
|
#1551 |
WUI: the Upload results page should have both view and download links
|
new
|
|
defect
|
major
|
eventually
|
#1649 |
WUI: the error message page for a writeable file/directory nonobviously includes the write cap
|
assigned
|
davidsarah
|
defect
|
major
|
undecided
|
#1809 |
WUI: upload to directory fails due to no file name
|
new
|
|
defect
|
normal
|
undecided
|
#1797 |
WUI: view content in an HTML5 sandboxed iframe
|
new
|
|
defect
|
major
|
soon
|
#2070 |
WUI: what's the difference between "Immutable" and "SDMF"?
|
new
|
|
defect
|
normal
|
undecided
|
#822 |
Web API should use a more reliable, out-of-band means of reporting errors (such as a server connection being lost) during a download
|
new
|
|
defect
|
major
|
soon
|
#587 |
Web nodes provide ambient upload authority
|
new
|
daira
|
defect
|
major
|
soon
|
#677 |
WebAPI: GET /uri/$FILECAP?t=json doesn't return size for mutable files, but the HTML version does
|
assigned
|
davidsarah
|
defect
|
minor
|
soon
|
#1846 |
add "started" timestamp on the current operations on Recent Uploads and Downloads
|
new
|
|
defect
|
normal
|
undecided
|
#1000 |
add 'Tahoe Explorer' (JavaScript-based UI) to Tahoe
|
assigned
|
davidsarah
|
enhancement
|
major
|
soon
|
#1215 |
add CORS support
|
new
|
|
enhancement
|
major
|
undecided
|
#622 |
add a 'repair' button on the webapi checker results page
|
assigned
|
Lcstyle
|
enhancement
|
major
|
soon
|
#203 |
add deep-copy function to web API
|
new
|
|
enhancement
|
major
|
eventually
|
#1462 |
add legend to Recent Uploads and Downloads page, explain LIT
|
new
|
T_X
|
defect
|
major
|
soon
|
#1728 |
add link to docs/frontends/download-status.rst from the download status page
|
assigned
|
Lcstyle
|
enhancement
|
normal
|
soon
|
#1171 |
add regression test for shnums: "e,r,r,o,r"
|
reopened
|
warner
|
defect
|
normal
|
soon
|
#2778 |
add server-info pages to WUI, link there from upload/download status pages and Welcome page
|
new
|
|
enhancement
|
normal
|
undecided
|
#92 |
add upload-status page: progress and to-whom info
|
new
|
warner
|
enhancement
|
minor
|
eventually
|
#567 |
add version info to t=JSON output data
|
assigned
|
rvs
|
enhancement
|
major
|
soon
|
#366 |
address Nathan Wilcox's concerns about "Tahoe and the browser security model"
|
new
|
nejucomo
|
defect
|
major
|
eventually
|
#1889 |
allmydata.mutable.common.NotEnoughServersError does not produce a "humanized" failure message
|
new
|
|
defect
|
normal
|
soon
|
#3610 |
allmydata.web.directory.ReloadableMonitorElement and allmydata.web.operations.ReloadMixin are basically the same
|
new
|
|
defect
|
normal
|
undecided
|
#1369 |
allow static HTML files to be transcluded into WUI Welcome and directory listing pages
|
new
|
|
defect
|
major
|
undecided
|
#2225 |
allow themeing of WUI
|
new
|
|
enhancement
|
normal
|
undecided
|
#2401 |
authentication via proxy breaks "tahoe backup"
|
new
|
|
defect
|
normal
|
soon
|
#1132 |
browser protocol handler or plugin for Tahoe URIs
|
new
|
|
enhancement
|
major
|
undecided
|
#1173 |
cancelled downloads are marked incorrectly on the Recent Uploads/Downloads page
|
assigned
|
zooko
|
defect
|
major
|
soon
|