Attached is my attempt of a backport of your own upstream patch (it should apply cleanly against the current Debian collab-maint repo - I hope I did it right...).
-- Rowan Thorpe mailto:ro...@rowanthorpe.com PGP fingerprint: BB0A 0787 C0EE BDD8 7F97 3D30 49F2 13A5 265D CCBD
>From 23ef9b813bd9358957fac5ac33a4b8cf5e7055a1 Mon Sep 17 00:00:00 2001 From: Rowan Thorpe <ro...@rowanthorpe.com> Date: Tue, 23 Dec 2014 17:36:43 +0200 Subject: [PATCH 1/1] Don't spill debug output (backport) --- debian/patches/0008-Dont-spill-debug-output.patch | 39 +++++++++++++++++++++++ debian/patches/series | 1 + 2 files changed, 40 insertions(+) create mode 100644 debian/patches/0008-Dont-spill-debug-output.patch diff --git a/debian/patches/0008-Dont-spill-debug-output.patch b/debian/patches/0008-Dont-spill-debug-output.patch new file mode 100644 index 0000000..7acbe36 --- /dev/null +++ b/debian/patches/0008-Dont-spill-debug-output.patch @@ -0,0 +1,39 @@ +From: Rowan Thorpe <ro...@rowanthorpe.com> +Subject: Stop spilling authentication errors to users + +Address Debian bug #741421 reported by Rowan Thorpe. + +Bug-Debian: http://bugs.debian.org/741421 +Origin: upstream, https://coquelicot.potager.org/gitweb/?p=coquelicot.git;a=commitdiff;h=22bdab9a +Author: Lunar <lu...@anargeek.net> Tue, 6 May 2014 14:09:56 +0000 +--- + lib/coquelicot/app.rb | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/lib/coquelicot/app.rb b/lib/coquelicot/app.rb +index 2c24613..776f49d 100644 +--- a/lib/coquelicot/app.rb ++++ b/lib/coquelicot/app.rb +@@ -278,7 +278,11 @@ module Coquelicot + + error 500..510 do + @error = env['sinatra.error'] || response.body.join +- haml :error ++ if request.xhr? ++ "#{response.body.join}" ++ else ++ haml :error ++ end + end + + get '/style.css' do +@@ -337,6 +341,9 @@ module Coquelicot + 'OK' + rescue Coquelicot::Auth::Error => ex + error 503, ex.message ++ rescue => ex ++ dump_errors! ex ++ error 500, "Issue has been logged." + end + end + diff --git a/debian/patches/series b/debian/patches/series index 796699a..7a06d62 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -5,3 +5,4 @@ 0005-Adjust-paths-to-fit-Debian-packaging.patch 0006-Stop-using-non-free-background-image.patch 0007-Add-support-for-the-Psych-YAML-engine.patch +0008-Dont-spill-debug-output.patch -- 2.1.3
