RESOLVED FIXED122936
Add a new flakiness dashboard clone 
https://bugs.webkit.org/show_bug.cgi?id=122936
Summary Add a new flakiness dashboard clone
Ryosuke Niwa
Reported 2013-10-16 19:34:32 PDT
Add a new flakiness dashboard clone
Attachments
Adds the app (47.75 KB, patch)
2013-10-16 19:44 PDT, Ryosuke Niwa 		no flags
DetailsFormatted DiffDiff
Removed defer attributes (47.73 KB, patch)
2013-10-16 19:49 PDT, Ryosuke Niwa 		andersca: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1 2013-10-16 19:44:12 PDT
Created attachment 214416 [details] Adds the app
Ryosuke Niwa
Comment 2 2013-10-16 19:49:47 PDT
Created attachment 214418 [details] Removed defer attributes
Ryosuke Niwa
Comment 3 2013-10-16 19:52:00 PDT
My plan is to check this initial version in and then iterate over time instead of trying to address all use cases, etc... We can always delete it if we later find that the existing flamines dashboard is better.
Anders Carlsson
Comment 4 2013-10-16 19:53:57 PDT
Comment on attachment 214418 [details] Removed defer attributes View in context: https://bugs.webkit.org/attachment.cgi?id=214418&action=review > Websites/test-results/index.html:23 > + var urls = removeJunkFromResultsPage(removeJunksFromNRWTStdout(rawInput)).split('\n'); Junks should probably be Junk here.
Ryosuke Niwa
Comment 5 2013-10-16 20:09:07 PDT
Committed r157555: <http://trac.webkit.org/changeset/157555>
Alexey Proskuryakov
Comment 6 2013-10-16 22:48:46 PDT
Is this already deployed on one of webkit.org servers? I have some security concerns that may limit where this can be deployed.
Ryosuke Niwa
Comment 7 2013-10-17 00:02:31 PDT
(In reply to comment #6) > Is this already deployed on one of webkit.org servers? I have some security concerns that may limit where this can be deployed. No. What are your security concerns?
Alexey Proskuryakov
Comment 8 2013-10-17 08:49:19 PDT
Flakiness dashboard is particularly vulnerable because it's a persistent database that any attacker can write arbitrary data to. While there is some validation in report.php, I think that it's best to have multiple layers or protection, ideally by isolating it to its own domain.
Ryosuke Niwa
Comment 9 2013-10-17 12:22:38 PDT
(In reply to comment #8) > Flakiness dashboard is particularly vulnerable because it's a persistent database that any attacker can write arbitrary data to. With that token, the current flakiness dashboard also can also store arbitrary data any attacker sends. > While there is some validation in report.php, I think that it's best to have multiple layers or protection, ideally by isolating it to its own domain. Indeed. We'll probably host it at test-results.webkit.org.
Note You need to log in before you can comment on or make changes to this bug.