[Adium-devl] Burning Duck 2.0
Graham Booker
adium at cod3r.com
Wed Dec 20 14:00:16 UTC 2006
On Dec 20, 2006, at 6:24 AM, Christopher Forsythe wrote:
>
>
>> == Display ==
>> Pretty much like the old one?
>
> The old one was hard to read in a lot of ways, it'd be nice if we
> could get some kind of newer template for it.
>
>> * Hide email address and description for those not logged in
>> descripton may contain trade secrets (e.g. “I clicked on the
>> Secret Leopard Menu and…”)
>
> I don't know if I like people being able to just look at crash
> reports all willy nilly to be quite honest. It's a developer
> resource, not something that users can use. If we however let them in
> then they are going to be doing all sorts of random things, like
> searches that will take a while and then cause resource problems,
> potentially.
>
> So what's the argument that non-devs/contributors should be able to
> access crash reports other than their own?
>
Ideally, I think that we would want a user to only be able to view
crash reports they have submitted and nothing else. To that end, I
have an idea. When the user submits a crash report, they are given a
URL. This URL is similar to the developer's URL, except it also
contains a "key" which is unique to the crash log. This way, the
user is able to see their own crash log, because they are provided a
key which works for that log, and the developers can see all crash
logs without the key. Maybe something along the lines of:
http://burningduck.adiumx.com/crashes/12345678?key=F6C439E2A
or
http://burningduck.adiumx.com/crashes/12345678/F6C439E2A
A simple way to generate such one-time keys would be to do a hash of
the crashlog. So, if the someone accesses a crashlog, and they are
not logged in, then the key is checked. If the key matches, display
the log, otherwise give them a permission denied. If the person is
logged in, give them developer access.
More information about the devel
mailing list