blob: 733579ffa24d8523ddd12ca7ed1a6b1febb7fc7a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
With IkiWiki 3.20200202.3, [[plugins/aggregate]]'s web trigger sends it's response as HTTP 200, Content-Type: text/plain, followed by a payload that seems to include a Content-type in the body accidentally, and a bunch of HTML:
qusp▶ GET -e "https://$redacted/ikiwiki?do=aggregate_webtrigger"
Enter username for Git Access at REDACTED:443: admin
Password:
200 OK
Connection: close
Date: Mon, 20 Apr 2020 08:27:39 GMT
Server: nginx/1.14.2
Content-Length: 2467
Content-Type: text/plain
Client-Date: Mon, 20 Apr 2020 08:27:39 GMT
Client-Peer: 31.51.75.214:443
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
Client-SSL-Cert-Subject: /CN=REDACTED
Client-SSL-Cipher: ECDHE-RSA-CHACHA20-POLY1305
Client-SSL-Socket-Class: IO::Socket::SSL
Aggregation triggered via web.
Content-type: text/html
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
…
Looking at the source it's fairly clear why:
<http://source.ikiwiki.branchable.com/?p=source.git;a=blob;f=IkiWiki/Plugin/aggregate.pm;hb=HEAD#l76>
I guess it was never intended for a human to see this output. I've found it useful to add a link button to some private pages to manually trigger the web hook,
something like
<a class=feedbutton href=https://REDACTED/ikiwiki?do=aggregate_webtrigger>webtrigger</a>
So it would be nice if the payload was sent with a HTML content-type (which wouldn't hurt cron jobs or clients that ignore the body anyway)
*— [[Jon]], 2020-04-20*
|