Description of problem: When an asynchronous operation such as a job submit returns an error result, cumin sometimes renders a yellow banner notification that contains characters that mess up xml parsing by the browser. As long as the banner is active (which may be forever, since the "dismiss" button is not available) no cumin page can be viewed. The only way out is to restart cumin-web. Version-Release number of selected component (if applicable): 2.0 How reproducible: 100%, assuming we can craft a failed operation of the right flavor Steps to Reproduce: 1. stay tuned.... 2. 3. Actual results: Page is messed up, cumin is inoperable. Expected results: Error should simply be displayed, with invalid text replaced or removed Additional info: Banner ads might have a timeout, I don't recall. I think they persist until dismissed.
Easiest way to test is with code from trunk....Unfortunately the reproduction scenario cannot be run in 2.0 because the aviary functionality is not present. But trust me, the error message below should break the browser :) 1. Set use-aviary to True in cumin.conf (should be default) 2. Set aviary-host to a machine that is not running aviary. 3. Try to submit a job, or hold/release/remove an existing job. This will result in a connection refused message from the aviary client, which contains XML special characters. Message should render to the screen without error, for example. Hold: Failed (<urlopen error [Errno 111] Connection refused>)
Fixed in revision 4886. This problem does exist in 2.0, it's just difficult to come up with a scenario that displays it.
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause The messages printed in yellow task status banners in Cumin can potentially contain characters that break XML parsing in a browser during display. Consequence If such a message is printed, the browser will display an error message and no Cumin content will be visible. The simplest way to restore the UI is to restart Cumin, since no links are visible to dismiss the task banner or logout the user. Fix Code has been added to properly escape special characters in the banner messages before display. Result The properly escaped error messages display correctly and functionality is not interrupted.
Unreproducible. Should be skip-errata.
Unverifiable as well, as cumin seems to fall-back to QMF when Aviary is not running.
Nope, sorry. When I do not set brokers in cumin and do not run the Aviary, I get simply 'Submit job 'Test1': Forbidden' Without any XML mess. Verified in cumin-0.1.5068-1.el6.noarch
Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1,11 +1 @@ -Cause +Previously, messages printed in yellow task status banners in the Cumin web console could potentially contain characters that break XML parsing in a browser during display. If such a message was printed, the browser displayed an error message, no Cumin content was visible, and Cumin had to be restarted to restore the user interface. With this update, code has been added to properly escape special characters in the banner messages before display, thus preventing this bug.- The messages printed in yellow task status banners in Cumin can potentially contain characters that break XML parsing in a browser during display. - -Consequence - If such a message is printed, the browser will display an error message and no Cumin content will be visible. The simplest way to restore the UI is to restart Cumin, since no links are visible to dismiss the task banner or logout the user. - -Fix - Code has been added to properly escape special characters in the banner messages before display. - -Result - The properly escaped error messages display correctly and functionality is not interrupted.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2012-0045.html