Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Duplicated form field id in the UI forces network connection abort by the browser, leading to http status 499 #696

Closed
2 tasks done
emil-wire opened this issue Jan 14, 2024 · 1 comment · Fixed by #726
Closed
2 tasks done

Duplicated form field id in the UI forces network connection abort by the browser, leading to http status 499 #696

emil-wire opened this issue Jan 14, 2024 · 1 comment · Fixed by #726
Labels
defect Something isn't working
Milestone
4.11

Comments

@emil-wire
Copy link

emil-wire commented Jan 14, 2024
edited
Loading

Current Behavior

My setup: depedency-track docker, version 4.10.0 (api + frontend) fronted by traefik for TLS termination and routing.
Chromium 121.0.6111.0, Firefox 121.0.1

When accessing any project on the projects page, both Chromium and Firefox cancel/NS_BINDING_ABORTED their requests to (examples)
https://example.com/api/v1/component/project/2c068bda-2155-475d-8f98-0f56ea078188?onlyOutdated=false&onlyDirect=false&searchText=&pageSize=10&pageNumber=1

and

https://example.com/api/v1/component/project/2c068bda-2155-475d-8f98-0f56ea078188?onlyOutdated=false&onlyDirect=false&searchText=&pageSize=10&pageNumber=1

which leads to HTTP error 499 on Traefik and an error 500 on the API server (ERROR [ServerRuntime$Responder] An I/O error has occurred while writing a response message entity to the container output stream.).

After some debugging, I believe the cause for this issue lies with duplicated form field ids:

<input id="showSuppressedFindings" type="checkbox" true-value="value" false-value="uncheckedValue" class="switch-input form-check-input" value="true">
the offending check boxes can be found in epssToolbar and the findingsToolbar

Steps to Reproduce

  1. Enable TLS on the API server placed in front of the API server
  2. Go to any project from the projects page and check the chrome/firefox dev tools' network tab. Both will have aborted requests showing

Expected Behavior

No aborted requests and unique ids for html elements (or use classes) and in general correct usage of the input element in html.

Aside: Chrome dev tools also show 74 warnings for input elements in general, as the 74 elements don't have an ID or name attribute.

Dependency-Track Frontend Version

4.10.0

Browser

Mozilla Firefox

Browser Version

121.0.1

Operating System

macOS

Checklist
@emil-wire emil-wire added defect Something isn't working in triage labels Jan 14, 2024
@nscuro nscuro mentioned this issue Feb 3, 2024
Merged
1 task
@nscuro
Copy link
Member

nscuro commented Feb 3, 2024

Thanks for reporting!

This is fixed in #726. The culprit were the "Only Direct" and "Only Outdated" toggles in the "Components" tab.

@nscuro nscuro closed this as completed Feb 3, 2024
@nscuro nscuro removed the in triage label Feb 3, 2024
@nscuro nscuro added this to the 4.11 milestone Feb 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
defect Something isn't working
Projects
None yet
Milestone
4.11
2 participants
@nscuro @emil-wire