•  
      request #12343 Unable to upload files using the artifact modal on Chrome 64
    Infos
    #12343
    Joris MASSON (jmasson)
    2018-10-02 11:33
    2018-10-01 18:01
    12343
    Details
    Unable to upload files using the artifact modal on Chrome 64
    On Chrome 64, when I try to upload an attachment using the angular artifact modal (in kanban, TestManagement or Scrum Planning)
    Then the attachment is silently ignored and nothing is uploaded.
    When I browse to the file again, no attachments are set.

    On the technical side, this comes down to the fact that we used event type "input" to detect changes on "File" field inputs. Much to my surprise, this worked on IE11 but not on Chrome 64. Later versions such as Chrome 68 and 69 worked too.
    Thus, since no change was detected on the input, it was not uploaded and (rightly) silently skipped.
    I was not able to pinpoint what changed after Chrome 64, anyway it seems safer to rely on a "change" event.
    Empty
    Agile Dashboard
    10.3
    Empty
    Empty
    Stage
    Empty
    Closed
    2018-10-02
    Attachments
    Empty
    References

    List of items referenced by or referencing this item.

    Artifact Tracker v5

    Follow-ups

    • User avatar
      I agree with Thomas. I did the patch but really the proper fix is to update the browser.
    • User avatar
      Patch makes sense and works on up to date browsers, merged in Tuleap 10.5.99.86.

      • Status changed from Under review to Closed
      • Connected artifacts
      • Close date set to 2018-10-02
    • User avatar
      To be honest, I'm not really sure we should provide bugfixes for browsers that are not supported by vendors anymore. Users running an outdated version of a browser face a security risk as security vulnerabilities are not unusual. Browsers are a prime targets for attackers and they have a large attack surface. Providing patches for outdated browsers does not encourage users (or the IT department of these users) to update their environment which is bad from a security point of view.

      In the present case Chrome/Chromium is not supported since the beginning of March (~ 6 months).

      It's also not easy or even conceivable for developers (a.k.a us) to test against the whole set of the browser versions users might end up using.


      A fix has been done already so let's review it and merge it but I'm lowering the severity of the issue, users should update their browsers (and the rest of their environment while they are at it).
    • User avatar
      gerrit #12727 is under review

      • Status changed from Under implementation to Under review