Closed pandiloko closed 9 years ago
The POST-request contains a JSON object with two keys (likes, dislikes) – if it remains the same, you can no longer vote (either because you already voted or you are the author of the comment and liking own comments is prohibited). I'll add a proper warning message in the future though.
That's right! I receive the JSON object with likes and dislikes and it never changes. So I'm being blocked. I wonder if the problem is that I'm testing isso in a LAN.
I've checked the comments.db and all users have same IP, which happens to be the network IP (i. e. 192.168.1.0). Although I've tried from different computers/browser/cache cleaned up and so on.
I did then X11 forwarding from isso server and it worked, saving IP 127.0.0.0 (yes last number is also a zero) as remote_addr. Is there a way to workaround this behavior (i. e. taking network IP as client IP in LAN environments)?
Thank you very much for the superquick answer!
I've never developed in Python but I've looked into the "anonymize" function and seems pretty straightforward to change it to ignore LAN addresses. Something like:
if ipv4.is_private:
# Ignore
else:
# anonymize
Seems ok to me, unless I'm missing something like a potential security hole or something else. What do you think? I'll try it out when I find the time.
Do you plan to use Isso only in your private network with /24 addresses? I don't really see the advantage in allowing all IP addresses for private networks. Isso is actually designed to be used in the real world (tm).
I totally understand your point of view but an important use case could be for example an intranet blog for universities or companies. I think I'm not alone there.
But thanks again for your helpful comments. I consider the problem solved.
Hi, I've recently installed isso 0.9.8-1 from AUR repositories. Everything is working fine except vote system. I really don't know where to look for error messages, as POST petitions seem to be exact the same as in your web site Demo. I activated log to file, but that didn't help. I'm only able to see GET and POST petitions through uwsgi log file, which doesn't tell me much either.
Could you point me in the right direction?
Python version is 3.4.7 and these are the config files:
isso.cfg
uwsgi/isso.ini
Apache
Thanks for your help!! And of course congrats for a really good work.