View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0009885 | Taler | exchange | public | 2025-05-06 03:51 | 2025-06-23 04:46 |
| Reporter | Florian Dold | Assigned To | Christian Grothoff | ||
| Priority | low | Severity | tweak | Reproducibility | have not tried |
| Status | assigned | Resolution | open | ||
| Target Version | post-1.0 | ||||
| Summary | 0009885: AML programs should validate the FORM_ID and form attributes | ||||
| Description | The AML programs we use in the exchange currently do not check the FORM_ID at all. For programs that run after a form submission, we do some more basic checks on the new attributes. | ||||
| Tags | debt | ||||
|
|
dev/grothoff/bug9885 contains a patch that *could* in *theory* fix this. It is, however, largely untested. It also has some specific known issues: (1) I could not find the name of the "accept ToS" form. So I put "accept_tos" into taler-exchange-helper-measure-validate-accepted-tos. Sebastian: please double-check that the ToS dialog actually creates a form ID (the logic seems to be missing), and if it does have a different one already, please adjust the shell script. (2) The kyx-check script doesn't yet check the "innards" of the ESTABLISHER_LIST. (3) The 'reject' logic (exec taler-exchange-helper-measure-freeze) should probably be tested... |
|
|
form id fixed in the script, i think we should have the form_id in gana 0010122 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2025-05-06 03:51 | Florian Dold | New Issue | |
| 2025-05-08 19:26 | Christian Grothoff | Status | new => confirmed |
| 2025-05-08 19:27 | Christian Grothoff | Severity | minor => tweak |
| 2025-05-08 21:57 | Christian Grothoff | Target Version | 1.0 stretch goals => post-1.0 |
| 2025-05-08 21:57 | Christian Grothoff | Priority | normal => low |
| 2025-06-08 20:21 | Christian Grothoff | Tag Attached: debt | |
| 2025-06-16 02:05 | Christian Grothoff | Assigned To | => Christian Grothoff |
| 2025-06-16 02:05 | Christian Grothoff | Status | confirmed => assigned |
| 2025-06-22 12:50 | Christian Grothoff | Note Added: 0025300 | |
| 2025-06-23 04:46 | sebasjm | Note Added: 0025314 |
