search

isso-comments / isso

a Disqus alternative
https://isso-comments.de
MIT License
5.05k stars 437 forks source link

Up/down vote system not working in LAN #154

Closed pandiloko closed 9 years ago

pandiloko commented 9 years ago

Hi, I've recently installed isso 0.9.8-1 from AUR repositories. Everything is working fine except vote system. I really don't know where to look for error messages, as POST petitions seem to be exact the same as in your web site Demo. I activated log to file, but that didn't help. I'm only able to see GET and POST petitions through uwsgi log file, which doesn't tell me much either.

Could you point me in the right direction?

Python version is 3.4.7 and these are the config files:

isso.cfg

[general]
dbpath = /var/lib/isso/comments.db
host =
        http://myblogwithisso.com/
log-file = /tmp/isso.log

uwsgi/isso.ini

http-socket = 127.0.0.1:8095
master = true
; set to `nproc`
processes = 4
cache2 = name=hash,items=1024,blocksize=32
; you may change this
spooler = /var/lib/isso/mail
module = isso.run
plugin = python
; uncomment if you use a virtual environment
; virtualenv = /path/to/isso
env = ISSO_SETTINGS=/etc/isso.cfg

Apache

    ProxyPreserveHost On
    ProxyPass /isso http://127.0.0.1:8095
    ProxyPassReverse /isso http://127.0.0.1:8095

Thanks for your help!! And of course congrats for a really good work.

posativ commented 9 years ago

The POST-request contains a JSON object with two keys (likes, dislikes) – if it remains the same, you can no longer vote (either because you already voted or you are the author of the comment and liking own comments is prohibited). I'll add a proper warning message in the future though.

pandiloko commented 9 years ago

That's right! I receive the JSON object with likes and dislikes and it never changes. So I'm being blocked. I wonder if the problem is that I'm testing isso in a LAN.

I've checked the comments.db and all users have same IP, which happens to be the network IP (i. e. 192.168.1.0). Although I've tried from different computers/browser/cache cleaned up and so on.

I did then X11 forwarding from isso server and it worked, saving IP 127.0.0.0 (yes last number is also a zero) as remote_addr. Is there a way to workaround this behavior (i. e. taking network IP as client IP in LAN environments)?

Thank you very much for the superquick answer!

pandiloko commented 9 years ago

I've never developed in Python but I've looked into the "anonymize" function and seems pretty straightforward to change it to ignore LAN addresses. Something like:

if ipv4.is_private:
   # Ignore
else:
   # anonymize

Seems ok to me, unless I'm missing something like a potential security hole or something else. What do you think? I'll try it out when I find the time.

posativ commented 9 years ago

Do you plan to use Isso only in your private network with /24 addresses? I don't really see the advantage in allowing all IP addresses for private networks. Isso is actually designed to be used in the real world (tm).

pandiloko commented 9 years ago

I totally understand your point of view but an important use case could be for example an intranet blog for universities or companies. I think I'm not alone there.

But thanks again for your helpful comments. I consider the problem solved.