[katello-devel] Org switcher during sign-in
Eric Sammons
esammons at redhat.com
Tue Aug 21 14:45:17 UTC 2012
----- Original Message -----
> On Tue 21 Aug 2012 10:41:39 AM EDT, Eric Sammons wrote:
> >
> >>
> >> +1 to these changes - When there is a default org set for a user,
> >> they should not have to choose it during log in or on the landing
> >> page. If there is only one org, they should not need to select it
> >> either. Less important but for fit and finish, can we adjust the
> >> minimum size of the Org drop down to fit exactly when there are
> >> less
> >> than 4 orgs ( which seems to be the current minimum height) - so
> >> if
> >> there is only one, there is no white space between it and the
> >> 'manage organizations' link? Also, when you do go to the manage
> >> organizations page and then drop the org switcher down, the org
> >> switcher panel is displaying behind the left panel of the 2 pane
> >> in
> >> the version I am accessing. This is clearly a bug and not sure if
> >> it
> >> is already logged.
> >>
> >> Thanks
> >> Malini
> >>
> >
> > As a side, I'm sure folks are aware of this, the org switcher is
> > actually over-laying the login page. If I wanted to I believe I
> > could actually use code to access the hidden password field and
> > other elements that become hidden once the org switcher "rolls
> > in". (I have not tested but I have seen the elements in firebug
> > which means libraries like selenium, BeautifulSoup, etc... should
> > be able to access them).
> >
> > --Eric
>
> Is this a problem? Should we be "deleting" that node from the view
> upon
> submission?
I do not believe it to be a problem, at least I have not hit one yet, more of a FYI. I'm not a web security guy so not sure if it could be a issue or not from a security pov.
--Eric
More information about the katello-devel
mailing list