Opened 10 years ago
Closed 10 years ago
#5959 closed enhancement (fixed)
Long cookie value can lead to 414 Long Request Error resulting in BP Autocomplete AJAX failing
Reported by: | psycleuk | Owned by: | boonebgorges |
---|---|---|---|
Milestone: | 2.2 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Core | Keywords: | good-first-bug needs-testing has-patch |
Cc: |
Description
Although in the ticket #4606 there was a change to convert
encodeURIComponent(document.cookie)
to
bp_get_cookies()
there is still one entry of the former within jquery.autocomplete.js (now deprecated due to #5735), see https://buddypress.trac.wordpress.org/browser/trunk/src/bp-core/deprecated/js/autocomplete/jquery.autocomplete.js?rev=8559#L329
Whilst waiting for #5735 to modernise all the JS should it be wise to update the existing autocomplete too?
Attachments (2)
Change History (11)
#1
@
10 years ago
- Keywords needs-patch good-first-bug added
- Milestone changed from Awaiting Review to Future Release
- Type changed from defect (bug) to enhancement
#2
@
10 years ago
Have created a patch for the autocomplete.js, assuming that the .min version would be created automatically elsewhere. The change is what i'm already using on a site.
#3
@
10 years ago
- Milestone changed from Future Release to 2.2
- Owner set to boonebgorges
- Status changed from new to accepted
#4
@
10 years ago
If we're going to use bp_get_cookies()
, then we should add BP's front-end JS as a dependency. This is a bit tricky; see #5797.
#5
@
10 years ago
Ah I see what you mean. bp_get_cookies()
is only available if the site uses the legacy buddypress.js which might not happen. How about a duplicate of that function directly within the autocomplete.js?
#6
@
10 years ago
Yeah, that's not a bad idea, I suppose. It'll have to be namespaced or something just in case it's loaded alongside bp-legacy's js.
#7
@
10 years ago
How about the second patch? Puts the same code as bp_get_cookies()
directly into the autocompleter
object.
I think we didn't change this because it's sort of a legacy external library. That said, I don't think we've ever updated it, so I don't see any harm in the change :)