Un-authorized user comments appear as comments from webcompat-bot #845
Assignees
Comments
|
Yeah, this is bogus. Thanks for filing @hallvors. |
|
hi, ok to work on this? I still have 980 on my todo's but would like to work on something while waiting on a blocking bug (it is probably low priority). thanks. |
|
@cch5ng yes! |
@cch5ng are you still planning on working on this? |
|
@miketaylr I can release this one but continue to work on issue 980. I will unassign myself. thx |
|
Cool -- thanks! If you come back when #980 is done and nobody else if working on this, feel free to snag it again. |
karlcow
added a commit
to karlcow/webcompat.com
that referenced
this issue
May 12, 2017
karlcow
added a commit
to karlcow/webcompat.com
that referenced
this issue
May 12, 2017
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Client-side we don't show a TEXTAREA for inputting comments if the user is not logged in via GitHub. However, under the hood non-authed users can still submit comments. They will appear as being posted by webcompat-bot. Usually, this will likely happen by accident - maybe if the user loaded an issue, logged out from GitHub in a different tab, then tried to comment .. or something like that??
Comment POSTing presumably starts the journey through the backend here:
https://github.com/webcompat/webcompat.com/blob/master/webcompat/api/endpoints.py#L214
that method just forwards all bits to api_request
https://github.com/webcompat/webcompat.com/blob/master/webcompat/helpers.py#L401
which, if the user is not logged in, calls proxy_request
https://github.com/webcompat/webcompat.com/blob/master/webcompat/helpers.py#L379
Voila, anonymous posting - right?
The text was updated successfully, but these errors were encountered: