🌍
English
Pages: 1
Hello/Hi/Greetings,
While inspecting webserver logs for another issue, I stumbled at a series of POST requests returning 501.
The log looks quite normal. A stranger (guest) from Internet has come to my gallery from an external web site (a social network site which hides the exact referrer but I know there are posts linking to my gallery) with cold web browser cache and started to browse around, just as many humans would do. Web agent is iPhone. What drawn my attention is that almost any GET'ting an image at non-thubnail size follows by POST which returns 501 like this (identifying details redacted) :
"GET /gallery/_data/i/upload/2020/07/06/20200706175258-9a7670e4-la.jpg HTTP/2.0" 200 114916 "https://www.unseen.photo/gallery/index.php?/category/portfolio" "Mozilla/5.0 (iPhone; CPU iPhone OS 14_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1 Mobile/15E148 Safari/604.1" "-"
"POST /gallery/ws.php?format=json&method=smartpocket.images.logHistory HTTP/2.0" 501 282 "https://www.unseen.photo/gallery/index.php?/category/portfolio" "Mozilla/5.0 (iPhone; CPU iPhone OS 14_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1 Mobile/15E148 Safari/604.1" "-"
What made me wondering even more is that this activity (except as 3 initial records for requesting the album, not images) is not reflected in the history.
While a client is free to (mal)form any requests and Error 501 is the expected behaviour of ws.php if unknown method is called, the fact that no picture accesses are recorded in history seems to me a bug in piwigo.
Any idea what these POST requests were (there were many) and why picture accesses are not recorded in the database (supposedly this logHistory method is meant to do this)? Where the history is recorded: on the server side or a client calls API to add a new record? If so, are those malformed POST requests indicate a bug in the smartpocket theme?
I have the smartpocket theme (version 11.5.0) installed and activated.
Piwigo URL: https://unseen.photo
Piwigo 11.5.0 Check for upgrade
Operating system: Linux
PHP: 7.4.19 (Show info) [2021-05-31 03:03:42]
MySQL: 5.5.5-10.5.10-MariaDB-log [2021-05-31 06:03:42]
Graphics Library: External ImageMagick 7.0.11-12
Offline
Hi,
the not logging bug in history from smartpocket theme has been noticed as far as in 2018. In my remembrance, if smartpocket is default theme, the bug is not showing anymore. I finally found a hack-patch without really understanding the problem occuring in chronology of methods calls.
[Github] Piwigo issue #911 : No mobile history log when mobile theme not default #911
Offline
TOnin wrote:
https://github.com/Piwigo/Piwigo/issues/911 : No mobile history log when mobile theme not default #911
Hi TOnin,
thank you for your insights! Obviously this is the same issue which I faced. I will try to understand that part of the code when I am not on time pressure.
Last edited by alb (2021-05-31 18:17:20)
Offline
Pages: 1