2022 Nov 17, 01:46 AM
(2022 Oct 26, 11:28 PM)dan Wrote:(2022 Oct 26, 09:25 PM)tutqiunnh Wrote: Hi has anyone seen the following issue with SIP_GET command to change optionsYeah, it looks like the /co GET commands are broken.
http://xx.xx.xx.xx:9580/co?pw=xxxxxxx&loc=12345
returns "method not allowed" message on the web page us to send the command to server
same seems to be true for /co options as well
I have ! in my password but /si, /cv functions seem to work.
I was looking at using o23 option to change the water level in the system.
I guess the monthly adj plugin may be the only work around
Thanks,
There are a couple of reasons for that.
First, the oXX numbers were replaced with variable names quite a while ago. Instead of o23 it would need to be owl for water level (lower case letter o) plus wl for water level.
The other reason, which can be fixed if you don't mind a small edit to the Python code, was a change to improve security a little.
In webpages.py on line 169 there is code that reads "def POST(self): # was GET", If you change POST to GET the /co commands will work. and if you use /co?owl=xx the setting will be updated.
As I recall the GET to POST change was only needed in an edge case involving password access. I will look into changing just that part of the code and restoring the rest of the /co options.
Dan
Dan.
Seems like this is long term problematic as once POST is changed to GET a lot of normal web function stop working. Web page options page becomes non-functional for changes. So I'm headed in a different direction using the run-once functionality which defeats the value of things like setting programs, waterlevel options, etc. Does it make sense to break off the use password and new password options into a separate type of http command group to allow options to be changed without the security risks to the password compromise?
Thanks,