Use POST to change user selected language #10725
Comments
techknowlogick
added
the
type/proposal
lafriks
added
type/enhancement
|
This issue has been automatically marked as stale because it has not had recent activity. I am here to help clear issues left open even if solved or waiting for more insight. This issue will be closed if no further activity occurs during the next 2 weeks. If the issue is still valid just add a comment to keep it alive. Thank you for your contributions. |
techknowlogick
added
issue/confirmed
|
So some investigation into this: The i18n library we use already supports accepting language change requests via POST already Now, of course we can't have a POST to every route changing languages as not all routes support GETs (as we can see from my example that the explore page 404s), this means that no logic for handling changing language needs to be added, however an approach like I suggested above (using a special route) may be the best path. The special route, instead of handling language changes, would just redirect the user back to the page they were on. Redirects are always a tricky thing when it comes to security, but likely any concerns can be alleviated using CSRF params in the form. |
|
Can we just use an Ajax call to change the language and then perform a page reload? There's also a unnecessary |
Looking at logs of various Gitea instances, many robots crawl the change language functionality resulting in many additional pages indexed.
Perhaps we could change the "switch user language" functionality to POST so that a GET isn't an action that changes something. Similar to how logout, star, and user follow actions work now. I'm thinking an endpoint
/switch_user_language, and areturn_toquery param to bring the user back to the page that they were on.The text was updated successfully, but these errors were encountered: