Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Append token_auth to sparkline urls for embedded widgets #13963

Merged
merged 2 commits into from Jan 21, 2019
Merged

Append token_auth to sparkline urls for embedded widgets #13963

merged 2 commits into from Jan 21, 2019

Conversation

sgiehl
Copy link
Member

@sgiehl sgiehl commented Jan 14, 2019

fixes #13625

@sgiehl sgiehl added the Needs Review PRs that need a code review label Jan 14, 2019
@sgiehl sgiehl added this to the 3.9.0 milestone Jan 14, 2019
diosmosis
diosmosis reviewed Jan 14, 2019
View reviewed changes
plugins/CoreHome/angularjs/sparkline/sparkline.component.js
if (token_auth.length) {
urlParams.token_auth = token_auth;
}

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess this means the token will become stored in the browser cache? I guess it can't be avoided in this case, but would it be a bit better if we only added it if in the widgetized iframe? So if someone adds the token auth to a URL when not in a widgetized whatever, it won't get added to every sparkline URL.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually I copied that from here:
https://github.com/matomo-org/matomo/blob/3.x-dev/plugins/CoreHome/javascripts/sparkline.js#L31-L35

But guess makes sense to replace both places and check if module parameter is Widgetize?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 makes sense to me

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

changed it

Copy link
Member

@diosmosis diosmosis Jan 16, 2019
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested locally and noticed the token_auth is always added to the sparklines when token_auth is in the URL due to https://github.com/matomo-org/matomo/blob/3.x-dev/plugins/CoreVisualizations/Visualizations/Sparklines/Config.php#L339. Doesn't affect the single metric view widget since that is done client side. Not sure if it's worth changing this.

Otherwise works well.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't think it's worth. Won't be as easy to check if token_auth is required or not.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The JavaScript would add it back if it's required, right?

@diosmosis diosmosis merged commit a0ac6d5 into 3.x-dev Jan 21, 2019
@diosmosis diosmosis deleted the embededsparklines branch January 21, 2019 23:46
@mattab mattab modified the milestones: 3.9.0, 3.8.1 Jan 22, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@diosmosis diosmosis diosmosis left review comments

Assignees
No one assigned
Labels
Needs Review PRs that need a code review
Projects
None yet
Milestone
3.8.1
Development

Successfully merging this pull request may close these issues.

Sparklines broken on Widgetize widget when viewed by anonymous (even with token_auth)
3 participants
@sgiehl @diosmosis @mattab