-
Notifications
You must be signed in to change notification settings - Fork 8.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix historical version compatibility problem for auth check via localStorage #1473
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@zhaoyuguang Could you please help review the code? |
sczyh30
added
area/dashboard
Issues or PRs about Sentinel Dashboard
to-review
To review
labels
May 11, 2020
LGTM |
sczyh30
approved these changes
May 15, 2020
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
linlinisme
added a commit
to linlinisme/Sentinel
that referenced
this pull request
Nov 24, 2020
* calculate process cpu usage to support application running in container environment * Enhance reliability and performance of InMemoryMetricsRepository (alibaba#1319) * Fix InMemoryMetricsRepository can't keep the last five minutes metrics data problem and Improve read-write performance * Use TimeUtil.currentTimeMillis() replace System.currentTimeMillis() for better performance * dashboard: Support setting value pattern for client IP and host in gateway flow rule dialog (alibaba#1325) * doc: Update JDK requirement of the dashboard in README.md (alibaba#1316) * Following discussions in alibaba#1315 * Add "web-context-unify" config in Spring WebMVC adapter to support "chain" relation flow strategy (alibaba#1328) * Fix the parsing issue in large post request for sentinel-transport-simple-http (alibaba#1255) * Add gateway adapter for Zuul 2.x (alibaba#1138) - also add demo for Zuul 2.x adapter * Polish code and demo of Sentinel Zuul 2.x adapter Signed-off-by: Eric Zhao <[email protected]> * Polish code of transport command centers and heartbeat senders Signed-off-by: Eric Zhao <[email protected]> * Polish logging SPI related code and add general JUL adapter for Logger SPI (alibaba#1338) * Move the legacy JUL methods from LogBase to BaseJulLogger. * Add a JavaLoggingAdapter as the general JUL adapter for the Logger SPI, which makes it convenient to use (as the default logger). * Add LoggerSpiProvider to resolve Logger SPI. * Polish the logback demo. Signed-off-by: Eric Zhao <[email protected]> * Move CommandCenterLog to sentinel-transport-common and polish related code (alibaba#1341) Signed-off-by: Eric Zhao <[email protected]> * Polish placeholders in logging content to slf4j convention (alibaba#1342) * Polish placeholders in logging content to "{}" Signed-off-by: Eric Zhao <[email protected]> * Fix timezone problem of sentinel-block.log Signed-off-by: Eric Zhao <[email protected]> * dashboard: Fix NoNodeException problem of FlowRuleZookeeperProvider example (alibaba#1352) * Introduce logging extension: slf4j (alibaba#1344) * Regroup packages related to logging into a separate module and polish document (alibaba#1355) * Fix CI failure in JDK 11 environment (alibaba#1360) * Supplement missing javax.annotation-api to sentinel-cluster-server-envoy-rls and sentinel-demo-zuul2-gateway * Upgrade mockito-core to 2.28.2 (up to date) * Fix the bug that context was not released when blocked in Spring Web adapter (alibaba#1353) * Improve standard output message in LogBase (alibaba#1357) * Complete the unit tests for sentinel-logging-slf4j module (alibaba#1358) * refactor: Make the ProcessorSlot itself as SPI and deprecate legacy slot chain builder (alibaba#411) * Make slots loaded by SPI, mark all slots with @SpiOrder from -10000 to -1000, improve comment * Reserve gateway and param slot chain builder (just extends DefaultSlotChainBuilder) and mark them as @deprecated * Force modifyRule command handler to fail if an incompatible old fastjson found (alibaba#1377) * Note that this is only a temporary solution. * Set default log level of JDK logging to INFO and polish code of SpiLoader (alibaba#1365) * Improve log info in SpiLoader, improve comment and test case * Use error level in catch block, init ArrayList with capacity and improve add item to list * doc: Polish README.md of sentinel-cluster-server-envoy-rls module Signed-off-by: Eric Zhao <[email protected]> * dashboard: Hide advanced options in flow rule dialog when cluster mode is enabled (alibaba#1367) * doc: Update README.md Signed-off-by: Eric Zhao <[email protected]> * Update fastjson to 1.2.68 Signed-off-by: Eric Zhao <[email protected]> * Bump version to 1.7.2 Signed-off-by: Eric Zhao <[email protected]> * Fix the bug of extracting request cookie in Spring Cloud Gateway adapter (alibaba#1400) * Bump version to 1.8.0-SNAPSHOT Signed-off-by: Eric Zhao <[email protected]> * Add JAX-RS adapter (alibaba#1396) * Fix the bug of misplaced locks in ContextUtil and ClusterNode (alibaba#1429) - which may lead to IllegalMonitorStateException in unlock() when unchecked error occurs during lock() * fix: Tracer does not trace exception to DefaultNode (alibaba#1068) * Support setting project.name via the properties file and deprecate legacy config path (alibaba#1412) * Update resolving logic of project name and polish SentinelConfig (alibaba#1437) Signed-off-by: Eric Zhao <[email protected]> * Refactor the mechanism of recording error in Entry and StatisticSlot * Also polish related complete callbacks Signed-off-by: Eric Zhao <[email protected]> * Polish Tracer with entry.setError(ex) mechanism Signed-off-by: Eric Zhao <[email protected]> * dashboard: Remove duplicate code in MetricEntity (alibaba#1441) * dashboard: Fix the bug that cookie may have conflict with web applications under the same domain (alibaba#1443) * Improve deprecated ParameterMetric purge mechanism (alibaba#1372) * Clear useless data in ParameterMetric for all removed rules * Polish code comments of the fundamental Sph/SphO/SphU class Signed-off-by: Eric Zhao <[email protected]> * Add OkHttp integration (alibaba#1456) * dashboard: Fix historical version compatibility problem for auth check via localStorage (alibaba#1473) * Add exceptionPredicate in Tracer for customized exception filtering logic (alibaba#1496) * test: Add test cases for Tuple2 (alibaba#1501) Signed-off-by: yunfeiyanggzq <[email protected]> * Add support for extracting param from complex object (alibaba#1491) * This could enable specified parameter flow control for customized objects. * Support setting class-level defaultFallback for annotation extension (alibaba#1493) * Add unit test for logging/TokenBucket (alibaba#1504) Signed-off-by: yunfeiyanggzq <[email protected]> * Fix sentinel-apache-dubbo-adapter full GC bug (alibaba#1431) * Polish RocketMQ PullConsumerDemo to make code clear (alibaba#1528) * Add unit test for cluster/FlowResponseDataDecoder (alibaba#1514) Signed-off-by: yunfeiyanggzq <[email protected]> * Improve consumer filter of Dubbo 2.6.x and 2.7.x adapter (alibaba#1532) * entry and exit with params in consumer filter * Polish sentinel-opensource-eco-landscape-en.png Signed-off-by: Eric Zhao <[email protected]> * Add annotation extension for Java EE CDI (alibaba#1541) * Add Sentinel annotation and JAX-RS plugins for Quarkus (alibaba#1542) * Add sentinel-quarkus-adapter module, which provides sentinel-annotation-quarkus-adapter and sentinel-jax-rs-quarkus-adapter to adapt sentinel-annotation-cdi-interceptor and sentinel-jax-rs-adapter for Quarkus. It also provides sentinel-native-image-quarkus-adapter to support running Sentinel with Quarkus in native image mode. * Polish document and code of Sentinel annotation CDI extension Signed-off-by: Eric Zhao <[email protected]> * Upgrade fastjson to 1.2.71 (alibaba#1545) * Add file.encoding JVM args in maven-surefire-plugin to avoid charset problem (alibaba#1550) * Add annotation CDI demo and Quarkus adapter demo (alibaba#1543) * Polish document and rearrange package for Quarkus and JAX-RS adapter Signed-off-by: Eric Zhao <[email protected]> * Support customized origin parser in legacy Dubbo 2.6.x adapter (alibaba#1555) * Add Eureka data-source extension (alibaba#1502) * Upgrade nacos-client version to 1.3.0 in sentinel-datasource-nacos (alibaba#1576) * demo: Update slot chain SPI demo (alibaba#1581) Signed-off-by: yunfeiyanggzq <[email protected]> * Add explicit null checking for charset in SimpleHttpClient#encodeRequestParams (alibaba#1589) * Adapter: Support Apache HttpClient (alibaba#1455) Introduce support through a customized client builder `SentinelApacheHttpClientBuilder`. * doc: Fix mistakes in README.md of sentinel-zuul-adapter (alibaba#1593) * Fix incorrect protocol description in FlowRequestData writer/decoder (alibaba#1607) Signed-off-by: yunfeiyanggzq <[email protected]> * Refactor config mechanism for OkHttp adapter and polish related code - One config per interceptor instead of the global config - Polish document and demo Signed-off-by: Eric Zhao <[email protected]> * test: Add unit test for sentinel-cluster-server and polish code (alibaba#1529) Signed-off-by: yunfeiyanggzq <[email protected]> * Refactor degrade hierarchy with new circuit breaker mechanism and improve strategy * Add `CircuitBreaker` abstraction (with half-open state) and add circuit breaker state change event observer support. * Improve circuit breaking strategy (avg RT → slow request ratio) and make statistics of each rule dependent (to support arbitrary statistic interval). * Add simple "trial" mechanism (aka. half-open). * Refactor mechanism of metric recording and state change handling for circuit breakers: record RT and error when requests have completed (i.e. `onExit`, based on alibaba#1420). Signed-off-by: Eric Zhao <[email protected]> * Update test cases for circuit breaking Signed-off-by: Eric Zhao <[email protected]> * Update demo for circuit breaking (DegradeRule) Signed-off-by: Eric Zhao <[email protected]> * test: Update test cases with new degrade mechanism in sentinel-demo-quarkus Signed-off-by: Eric Zhao <[email protected]> * Remove deprecated passCheck() in Rule and polish interface Signed-off-by: Eric Zhao <[email protected]> * Polish cluster flow control demo: add port in Nacos address (alibaba#1655) Signed-off-by: yunfeiyanggzq <[email protected]> * Polish boolean checking in test cases and dashboard (alibaba#1664) * Remove unused code in TokenServerHandler#channelActive (alibaba#1667) Signed-off-by: cj <[email protected]> * Optimize the order of slots in ProcessorSlot SPI config (alibaba#1649) * Fix the bug of circuit breaker half-open state transformation when request is blocked by upcoming rules (alibaba#1645) * Refactor the workflow to fix the bug that circuit breaker may remain half-open state forever when the request is blocked by upcoming rules: revert the state change in exit handler (as a temporary workaround) * Add exit handler in Entry as a per-invocation hook. * Polish CircuitBreaker interface and update comments - Only carry context in tryPass/onComplete method (this might be generic in upcoming versions) Signed-off-by: Eric Zhao <[email protected]> * Refactor exit handler mechanism of Entry - Rename: whenComplete -> whenTerminate - Execute the exit handler directly after the onExit hook of all slots Signed-off-by: Eric Zhao <[email protected]> * Add extended interface for metric extension hook to support distinguishing traffic type (alibaba#1665) - Add EntryType args to all hook methods * dashboard: Refactor degrade service/controller and adapt to new features Signed-off-by: Eric Zhao <[email protected]> * Polish Dubbo 2.6.x adapter and unify callback registry into DubboAdapterGlobalConfig (alibaba#1572) * Unify Dubbo callback registry (for fallback and origin parser) into DubboAdapterGlobalConfig * Polish default fallback implementation (wrap exception with RpcResult rather than directly throw it out) Signed-off-by: Eric Zhao <[email protected]> * Refactor extended MetricExtension interface (matching events in Sentinel) - Unify the extended interface as a few event handlers: onPass, onBlocked, onComplete and onError - Polish related code Signed-off-by: Eric Zhao <[email protected]> * Support customized origin parser in Apache Dubbo 2.7.x adapter and unify config (alibaba#1617) * Support customized origin parser in Apache Dubbo 2.7.x adapter * Unify Dubbo callback registry (for fallback and origin parser) into DubboAdapterGlobalConfig * Polish default fallback implementation (wrap exception with RpcResult rather than directly throw it out) * Polish code and README.md of sentinel-datasource-eureka Signed-off-by: Eric Zhao <[email protected]> * webmvc-adapter: improve to avoid ErrorEntryFreeException (alibaba#1533) If entry already exists in request just skip creation. * adapter: Add test cases for Spring WebFlux HandlerFunction (alibaba#1678) * Add RuntimeException converting method in BlockException and polish logic for validation Signed-off-by: Eric Zhao <[email protected]> * Fix NPE bug and improve default fallback in Dubbo 2.7.x adapter - Fix NPE bug in consumer filter (when non-biz error occurred) - Improve default fallback in Dubbo 2.7.x adapter: convert the BlockException to a simple RuntimeException (with necessary message) - Polish code and comments Signed-off-by: Eric Zhao <[email protected]> * Improve compatibility for dispatched servlet request in Spring Web adapter (alibaba#1681) * Bump version to 1.8.0 Signed-off-by: Eric Zhao <[email protected]> * Update README.md Signed-off-by: Eric Zhao <[email protected]> * Bump version to 1.8.1-SNAPSHOT Signed-off-by: Eric Zhao <[email protected]> * Fix typo in CircuitBreakingIntegrationTest (alibaba#1688) Signed-off-by: yunfeiyanggzq <[email protected]> * Pre-calculate intervalInSecond in LeapArray to reduce redundant calculation (alibaba#1700) * doc: Fix typo in code comments (alibaba#1721) * Solve the URI fetching bug in sentinel-zuul-adapter alibaba#1109 (alibaba#1605) Use `getRequestURI` instead of `getServletPath` to get URI of current request(Both in prefix and regex matching). * Fix NPE bug when updating gateway flow rules before the route/API has been requested once (alibaba#1729) * Make NettyTransportClient.getCurrentId() thread safe (alibaba#1707) Fix issue alibaba#1705. - Use CAS to make it thread safe and limited in the declared range. Signed-off-by: cj <[email protected]> * Add attributes of cluster concurrency limiting in ClusterFlowConfig Signed-off-by: yunfeiyanggzq <[email protected]> * Add concurrency token request/release operation in TokenService Signed-off-by: yunfeiyanggzq <[email protected]> * Add basic cluster concurrency limiting impl in token server module Signed-off-by: yunfeiyanggzq <[email protected]> * Add unit tests for cluster concurrent limiting checker Signed-off-by: yunfeiyanggzq <[email protected]> * doc: Fix content in README.md of sentinel-dashboard (alibaba#1737) * Fix the dependency conflict issue * Optimize logging statements using placeholder (alibaba#1736) * Optimize logging statements using placeholder to avoid unnecessary concatenation (issue alibaba#1735) * Polish document and name of parameter (alibaba#1738) - doc: Fix a typo in description of booting options for sentinel-dashboard - Fix mismatched name of parameter to its comment for VersionUtils.parseVersion() * Fix potential concurrency issue when updating flow rules (alibaba#1783) * test: Fix overrunning test `FlowRuleManagerTest.testLoadAndGetRules` (alibaba#1823) Signed-off-by: Jason Joo <[email protected]> * Improve default block fallback logic in Dubbo 2.6.x adapter to avoid serialization problem (alibaba#1794) - convert BlockException to a simple RuntimeException (with necessary message) * Fix the problem that requests will never be blocked when slowRatioThreshold = 100% (alibaba#1779) * CI: Polish dependencies for ARM64 and add ARM64 job to Travis CI (alibaba#1765) 1. Added ARM64 architecture in .travis.yml 2. Updated 'embedded-consul' version to 2.2.0, 'consul-api' version to 1.4.5 for ARM64 support. 3. Updated grpc.version for 'io.grpc:protoc-gen-grpc-java' to 1.30.2, for ARM64 support. Signed-off-by: odidev <[email protected]> * [feat alibaba#1839]: Make dashboard support deploying under subpath (alibaba#1851) * dashboard: Add statIntervalMs field in DegradeRule dialog (alibaba#1781) Co-authored-by: tianhao <[email protected]> Co-authored-by: jy2156121 <[email protected]> Co-authored-by: Olof <[email protected]> Co-authored-by: cdfive <[email protected]> Co-authored-by: Jason Joo <[email protected]> Co-authored-by: tao.zhang <[email protected]> Co-authored-by: Eric Zhao <[email protected]> Co-authored-by: WongTheo <[email protected]> Co-authored-by: 于玉桔 <[email protected]> Co-authored-by: Zhiguo.Chen <[email protected]> Co-authored-by: seasidesky <[email protected]> Co-authored-by: haifeng <[email protected]> Co-authored-by: johnli <[email protected]> Co-authored-by: zhenxianyimeng <[email protected]> Co-authored-by: pleasecheckhere2016 <[email protected]> Co-authored-by: ZhiQiang Gu <[email protected]> Co-authored-by: zechao zheng <[email protected]> Co-authored-by: yangy <[email protected]> Co-authored-by: xiby <[email protected]> Co-authored-by: iron_city <[email protected]> Co-authored-by: Bo <[email protected]> Co-authored-by: HupJ <[email protected]> Co-authored-by: Peine <[email protected]> Co-authored-by: cj <[email protected]> Co-authored-by: Bill Yip <[email protected]> Co-authored-by: liqiangz <[email protected]> Co-authored-by: mikawudi <[email protected]> Co-authored-by: dani3lWong <[email protected]> Co-authored-by: cj <[email protected]> Co-authored-by: yunfeiyanggzq <[email protected]> Co-authored-by: Luke <[email protected]> Co-authored-by: HelloCoCooo <[email protected]> Co-authored-by: nickChenyx <[email protected]> Co-authored-by: Weihua <[email protected]> Co-authored-by: 王振广 <[email protected]> Co-authored-by: Lynx <[email protected]> Co-authored-by: odidev <[email protected]> Co-authored-by: Brent <[email protected]>
hughpearse
pushed a commit
to hughpearse/Sentinel
that referenced
this pull request
Jun 2, 2021
…k via localStorage (alibaba#1473)
CST11021
pushed a commit
to CST11021/Sentinel
that referenced
this pull request
Nov 3, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Describe what this PR does / why we need it
The login page is added in version 1.6.0 of dashboard. At that time, the value of localstorage is the object object object. In version 1.7.0, the login free function is added through the configuration parameter
-Dauth. Enabled=false
. The value of localstorage is changed to the JSON object storage. If the browser in the old version does not click to log out, this problem will occur when the console is upgraded and visit the page for the first time.Does this pull request fix one issue?
Fixes #1449
Describe how you did it
Add
try catch
block when parse json fromsession_sentinel_admin
item in localStorage,if error happens while parsing, remove item in localStorage and redirect to login page.
Describe how to verify it
Simulate the scene by executing
$window.localStorage.setItem({username:"111"})
in consolewith breakpoint in
header.js
, check if redirect to login page as expected.Special notes for reviews
NONE