Forum OpenACS Development: Re: ad_conn behind_secure_proxy_p returns "", breaking if {...}

As Antonio wrote on github, there is no way to get the empty string result with any recent versions of OpenACS. So, probably you have some local modifications.

is the code, where you observing the behavior available on github or on some other public repository?

Hi Gustaf,

some local modification

Nope, we've just got a fresh 5.9.1.

I looked into the master and 5.9 branches, but not into the 5.10 branch. I will do this the next time I find something.

Btw., we're currently working on ]po[ V5.1, which is based on OpenACS 5.9.1 with CSP enabled. So we modified some ~300 source files to move onclick(...) and other JavaScript code to [ script type="..." nonce="..." ] tags.

Thanks for providing the infrastructure!

I've already seen some issues in 5.9.1 with files not working with CSP. I'll report them on the OpenACS bug-tracker (https://openacs.org/bugtracker/openacs), unless they have already been fixed in 5.10.

There will be some other issues / ideas / ... coming up from ]po[ V5.1 development, which I'll post in separate threads.

Thanks!
Frank

Hi Gustaf,

I gave it a short try some weeks ago, and I immediately got some important error. Some compatibility was broken, but I can't remember how what the actual error was. I gave up at that moment and went for 5.9.1.

Is 5.10 allowed to break something?

If it's not: I could offer to setup a joint testing VM where we would install the latest OpenACS version with ]po[. We've got a test script for ]po[, so it's easy to tell if something is broken.

Cheers
Frank

Hi Frank,

I can provide you with a project-open 5.0.3 container running of openacs 5.10

It has errors, so you will need to manually go through each of the packages and figure out (systematically) where PO Is still using code that should not be there. (And I did not do it. Just remembered that task from upgrading to OpenACS 4.8)

When I looked at that container some months ago, I think the biggest challenge was the database upgrade from 9.2. to 10.x and higher. That was, if I remember correctly, due to a change in tsearch. Which OpenACS takes care of but PO has its own thing for full text search so I think something there did not work out.

I‘d love to help, but given other engagements (encouraging older developers to adhere to coding standards which have been around since XP, not to mention automated code generation) as well as our transition to OpenAPI based coding (lets say we learned a lot and the amount of technical debt shows it 😊), I can*t

Let me know though if I should build you a pipeline for oacs-5-10 based container. This checks out oaks-5-10 based of Naviserver and loads PO packages into it in a second stage. I think it is already on dockerhub at hub.docker.com/sussdorff/projop:oacs-5-10, but I might be wrong.

I would highly recommend by the way to NOT fork the OpenACS packages, but just use the standard ones and only if there is a very good reason and unwillingness of the community to take the patch and no other way to make the functionality work, to for that single package. I know, painful, but you get used to it (at least I got with PO 5.0 after going the fork way with PO 4.0).