neil
(Neil Lalonde)
March 7, 2016, 6:43pm
6
I tested the change and it’s safe. Sessions aren’t invalidated. I committed the change today.
Serving multiple Discourse instances from different paths on the same domain will most likely work now, but note that the instances can’t be served from one multisite setup . Multisite is still keyed off of domain, not path.
3 Likes
@neil
I have 2 discourse setups.
setup 1 running from www.site.com/d1/
setup 2 running from www.site.com/d2/
Problems noticed
I cannot remain logged into both the discourse setups at the same time
If I am logged into d1 and I refresh d2 I am logged out of d1.
More information about the setup:
Both are running in their own docker containers using their own DB
installed using discourse_docker
version is 1.9 beta2
4 Likes
sam
(Sam Saffron)
June 20, 2017, 1:13pm
8
Yeah we have a bug here:
https://github.com/discourse/discourse/blob/master/lib/auth/default_current_user_provider.rb#L157-L170
We need to explicitly add the path there, just like session has the path.
Unfortunately fixing this will log everyone off on all subfolder installs, but still, it is probably worth fixing.
@neil maybe look at adding path there?
3 Likes
@neil let me know once you commit the fix … I can check it out if it works …
neil
(Neil Lalonde)
June 20, 2017, 5:31pm
10
@vikaskedia I pushed a fix so please try it out.
1 Like
Ok I am following the steps here to upgrade:
If you self-host Discourse, you occasionally need to run a manual update via the command line to get the latest security releases newest libraries. These updates are not picked up in admin/upgrade, which is why you’ll occasionally need to do this additional step.
Discourse itself should be updated about twice a month, by clicking the “Update to Latest Version” button in your admin dashboard ( admin/upgrade). We do beta releases roughly once every week.
Every two months we recommend SSH’ing…
and will let you know soon
@neil damm man … it works !!
I am successfully logged into
www.site.com/d1/
and
www.site.com/d2/
Very good …
4 Likes
@neil I just started getting “internal server error 500” can this be related to the above fix …
The error auto corrects itself in a couple of minutes. So it seems to indicate it is the “rate limiting” issue.
But this is just me using the site and its a beefy server …
and i am seeing it for the first time after i upgraded.
neil
(Neil Lalonde)
June 20, 2017, 8:27pm
14
Looks like your subfolder is missing? “/subfolder/faq”
If the subfolder was missing the error will come all the time.
This error is a transient error …
neil
(Neil Lalonde)
June 20, 2017, 9:53pm
16
It sounds like another problem we saw today. @sam seems like this code is being hit in this case too? The cookie is invalid now?
2 Likes
sam
(Sam Saffron)
June 20, 2017, 9:58pm
17
I tested on local and it tries to reset the cookie, I guess it is failing cause it can no longer reset the cookie from the top level path
3 Likes
Let me know when you release a fix … I will check it out …
sam
(Sam Saffron)
June 21, 2017, 3:12pm
20
Try deleting cookies, does the problem go away?
@sam I took your suggestion … deleted all the cookies and I still hit the bug.
Please see the attached video:
neil
(Neil Lalonde)
June 21, 2017, 6:48pm
22
I can go back and forth between two sites at the same domain, different subfolders, and I don’t see anything out of the ordinary hitting the auth logs.
6 - seen token
5 - rotate
4 - seen token
3 - rotate
...
Those don’t happen very often.
@neil I can give you access to my system remotely if it helps you debug.
I am able to replicate the bug in the video every time.
neil
(Neil Lalonde)
June 21, 2017, 6:54pm
24
I believe you, but subfolder debugging… ugh. Still working on it.
neil
(Neil Lalonde)
June 21, 2017, 7:51pm
25
So you deleted your cookies but still have the problem?