On 02/26/2014 09:47 PM, Adam King wrote:
The kimchi UI overlays the login form over whatever is being displayed when the session becomes invalid. The defect describes how open menus are left above part of the login overlay in the zOrder, leaving an undesirable visual mashup. Additionally, information about the userID and the defined VMs remained visible if grayed, representing a potential security exposure.
This patch removes any information form the UI that could be deemed sensitive whenever the session times out.
Signed-off-by: Adam King <rak@linux.vnet.ibm.com> --- ui/js/src/kimchi.main.js | 2 ++ ui/pages/kimchi-ui.html.tmpl | 2 +- ui/pages/tabs/guests.html.tmpl | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/ui/js/src/kimchi.main.js b/ui/js/src/kimchi.main.js index 6bae95f..80c49c0 100644 --- a/ui/js/src/kimchi.main.js +++ b/ui/js/src/kimchi.main.js @@ -156,6 +156,8 @@ kimchi.main = function() { if (jqXHR['status'] === 401) { kimchi.user.showUser(false); kimchi.previousAjax = ajaxSettings; + //$(".empty-when-logged-off").empty(function() {$(this).empty()});
You can remove the commented line above
+ $(".empty-when-logged-off").empty(); kimchi.window.open({ url: 'login-window.html', id: 'login-window-wrapper' diff --git a/ui/pages/kimchi-ui.html.tmpl b/ui/pages/kimchi-ui.html.tmpl index abc67c3..eb3cd9d 100644 --- a/ui/pages/kimchi-ui.html.tmpl +++ b/ui/pages/kimchi-ui.html.tmpl @@ -72,7 +72,7 @@ <li> <div id="user" class="popable"> <span id="user-icon"></span> - <span id="user-name"></span> + <span id="user-name" class="empty-when-logged-off"></span> <span class="arrow"></span> <div class="action-panel popover right-side"> <a id="btn-help" class="user-menu-item" href="javascript:void(0);">$_("Help")</a> diff --git a/ui/pages/tabs/guests.html.tmpl b/ui/pages/tabs/guests.html.tmpl index 8ab51b3..3aa2fdd 100644 --- a/ui/pages/tabs/guests.html.tmpl +++ b/ui/pages/tabs/guests.html.tmpl @@ -41,7 +41,7 @@ <li class="guest-tile">$_("Livetile")</li> <li class="guest-actions">$_("Actions")</li> </ul> - <ul id="guestList" class="list-vm"> + <ul id="guestList" class="list-vm empty-when-logged-off"> </ul> </div> <div id="noGuests" class="list-no-result" style="display: none;">