Activities of "Anjaneyulu"

• ABP Framework version: v8.0.0
• UI Type: MVC
• Database System: EF Core (SQL Server)
• Tiered (for MVC) or Auth Server Separated (for Angular): yes/no
• Exception message and full stack trace:
• Steps to reproduce the issue:
• Create a project

*** Jquery validation version is showing 1.17.0 , but we have got a security scan report which wants us to update to 1.19.5 for security patch

*** I want your help in upgrading the version asap. Thanks.

• ABP Framework version: v3.0.0

• UI Type: MVC

• Database System: EF Core (SQL Server)

• Tiered (for MVC) or Auth Server Separated (for Angular): yes/no

• Exception message and full stack trace:

• Steps to reproduce the issue:

  1. Create a project, Type BaseURL + Error?httpStatusCode=404

Im seeing administrator, settings in the error screen side menu, which i dont want.

How do i overide so that i only show status code.

• ABP Framework version: v7.0.0
• UI Type:MVC
• Database System: EF Core (SQL Server)
• Tiered (for MVC): yes
• Exception message and full stack trace:
• Steps to reproduce the issue:
• Create an application, try to login to application and check login request params in the inspect, password is visible.

• ABP Framework version: v7.3.2
• UI Type: MVC
• Database System: EF Core (SQL Server
• Tiered (for MVC) or Auth Server Separated (for Angular): yes/
• Exception message and full stack trace:

Task was cancelled & 
t Microsoft.EntityFrameworkCore.Storage.RelationalCommand.<ExecuteReaderAsync>d__19.MoveNext() at
 Microsoft.EntityFrameworkCore.Storage.RelationalCommand.<ExecuteReaderAsync>d__19.MoveNext() at 
 Microsoft.EntityFrameworkCore.Query.RelationalShapedQueryCompilingExpressionVisitor.ShaperProcessingExpressionVisitor.<<PopulateSplitIncludeCollectionAsync>g__InitializeReaderAsync|27_0>d`2.MoveNext() at
  Microsoft.EntityFrameworkCore.SqlServer.Storage.Internal.SqlServerExecutionStrategy.&lt;ExecuteAsync&gt;d__7`2.MoveNext() at Microsoft.EntityFrameworkCore.Query.RelationalShapedQueryCompilingExpressionVisitor.ShaperProcessingExpressionVisitor.<PopulateSplitIncludeCollectionAsync>d__27`2.MoveNext() at 
  Microsoft.EntityFrameworkCore.Query.RelationalShapedQueryCompilingExpressionVisitor.ShaperProcessingExpressionVisitor.&lt;TaskAwaiter&gt;d__37.MoveNext() at 
  Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable`1.AsyncEnumerator.<MoveNextAsync>d__21.MoveNext() at 
  Microsoft.EntityFrameworkCore.Query.ShapedQueryCompilingExpressionVisitor.<SingleOrDefaultAsync>d__15`1.MoveNext() at 
  Microsoft.EntityFrameworkCore.Query.ShapedQueryCompilingExpressionVisitor.&lt;SingleOrDefaultAsync&gt;d__15`1.MoveNext() at 
  Volo.Abp.Domain.Repositories.EntityFrameworkCore.EfCoreRepository`3.&lt;FindAsync&gt;d__2.MoveNext() at 
  Castle.DynamicProxy.AsyncInterceptorBase.&lt;ProceedAsynchronous&gt;d__14`1.MoveNext() at 
  Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.&lt;ProceedAsync&gt;d__7.MoveNext() at Volo.Abp.Uow.UnitOfWorkInterceptor.&lt;InterceptAsync&gt;d__2.MoveNext() at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.<InterceptAsync>d__3`1.MoveNext() at XSense.Controllers.ComputerController.&lt;GetUserInfo&gt;d__58.MoveNext() in

• Steps to reproduce the issue:

In the GetUserInfo api > I see an exception at >>>>> var userinfo = await identityrepository.FindAsync("userid");

Im getting the above exception when i call this api from APP, but it works fine with postman. I have checked the parameters and all are same.

Can you please let me know the possible cause.

• ABP Framework version: v5
• UI Type: MVC
• • Database System: EF Core (SQL Server)
• Tiered (for MVC) or Auth Server Separated (for Angular): yes
• Exception message and full stack trace:
• Steps to reproduce the issue:

We have created a dotnet project with earlier versions of ABP framework on dotnet 3 and later upgraded the dotnet version to 5 and lepton theme with ABP framwork 5.

Now the issue is our client has raised a black box pointer regarding the datatables.net version of the jquery.

*** The below POC describes that Application is using vulnerable version of datatables.net v1.10.22 below mentioned is the cve id for it: jquery datatables.net v1.10.22 :- CVE-2020-28458,CVE-2021-2344 ***

I need to updagrade the jquery& datatable.net version with out disturbing any other things as the application in production. I need to make sure resolve the pointer in the best way possible. attaching here with the screenshots for your reference.

I do see the follwing in the yarn.lock file :

"@abp/datatables.net-bs4@~3.3.2": version "3.3.2" resolved "https://registry.yarnpkg.com/@abp/datatables.net-bs4/-/datatables.net-bs4-3.3.2.tgz#8f55957f2d9e1558ebef2e42e2661573d7d76447" integrity sha512-oERUHVPldaVL5z4CJX6cFkSBoa5IQUEYyyxGiV8zJ/mzZ7uiV2+hMrSP90R9J4625op9rU2+OJpDoZaj6wsULQ== dependencies: "@abp/datatables.net" "~3.3.2" datatables.net-bs4 "^1.10.21"

"@abp/datatables.net@~3.3.2": version "3.3.2" resolved "https://registry.yarnpkg.com/@abp/datatables.net/-/datatables.net-3.3.2.tgz#7a396dd06f4c7cddae534a59f9b21036b26d234a" integrity sha512-huB1A8aXDpS1CdE4t2NukZxTZnOuGy+8nRGlKVI3kMDD4tRveX5ITfgPEAY/CckcbSwjFP2zqbmFZiuqim7FaQ== dependencies: "@abp/jquery" "~3.3.2" datatables.net "^1.10.21"

Thanks & Appreciate your response ASAP.

• ABP Framework version: v6.0.1

• UI type: MVC

• DB provider: EF Core

• Tiered (MVC) or Identity Server Separated (Angular): yes

• Exception message and stack trace: AutoMapperConfigurationException: The following member on IdentityServer4.Models.ApiResource cannot be mapped:AllowedAccessTokenSigningAlgorithmsAdd a custom mapping expression, ignore, add a custom resolver, or modify the destination type IdentityServer4.Models.ApiResource.Context:Mapping to member AllowedAccessTokenSigningAlgorithms from Volo.Abp.IdentityServer.ApiResources.ApiResource to IdentityServer4.Models.ApiResourceException of type 'AutoMapper.AutoMapperConfigurationException' was thrown.

• Steps to reproduce the issue:"

• Upgrade abp framework from 5.2.0 to 6.0.1

• We are using identity server source code instead of packages.

• ABP Framework version: v5.0.0
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): no
• Exception message and stack trace:
• Steps to reproduce the issue:"

1. Create a project

2. Added Validate anitforgery token middleware in .Web project like this

public class ValidateAntiForgeryTokenMiddleware { private readonly RequestDelegate _next; private readonly IAntiforgery _antiforgery;

    public ValidateAntiForgeryTokenMiddleware(RequestDelegate next, IAntiforgery antiforgery)
    {
        _next = next;
        _antiforgery = antiforgery;
    }

    public async Task Invoke(HttpContext context)
    {
        if (HttpMethods.IsPost(context.Request.Method))
        {
           await _antiforgery.ValidateRequestAsync(context);
        }
        else if (HttpMethods.IsPut(context.Request.Method))
        {
            await _antiforgery.ValidateRequestAsync(context);
        }
        await _next(context);
    }
}
public static class ApplicationBuilderExtensions
{
    public static IApplicationBuilder UseAntiforgeryTokens(this IApplicationBuilder app)
    {
        return app.UseMiddleware<ValidateAntiForgeryTokenMiddleware>();
    }
}

3. Added app.UseAntiforgeryTokens(); webmodule.

4. Intercept the requests in burpsuite and remove request verification token in repeater, but still the response is perfect.

Please let us know how to implement validate antiforgery token for both post and get requests as well.

• ABP Framework version: v5.0.1

• UI type: MVC

• DB provider: EF Core

• Tiered (MVC) or Identity Server Separated (Angular): no

• Exception message and stack trace:

• Steps to reproduce the issue:"

• Step 1. We are enqueuing the emails by calling in our code * await _backgroundJobManager.EnqueueAsync(new EmailArgs() { //Object });

But in the below "ExecuteAsync" is being called multiple times in our code.

public class NotificationSendingJob : AsyncBackgroundJob<EmailArgs >, ITransientDependency
{
        
        public NotificationSendingJob()
        {
            
        }
        [UnitOfWork]
        public override Task ExecuteAsync(EmailArgs args)
        {
           
                
                AsyncHelper.RunSync(() => SendNotification(args.TenantId, emailcontent));

                return Task.FromResult(0);
        }
}

We want to restrict it to single time.

• ABP Framework version: v4.4.2
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): no
• Exception message and stack trace: Volo.Abp.AbpException: Could not find a file/folder at the location: /Emailing/Templates/EmailTemplate.tpl at Volo.Abp.TextTemplating.VirtualFiles.LocalizedTemplateContentReaderFactory.CreateInternalAsync(TemplateDefinition templateDefinition) at Volo.Abp.TextTemplating.VirtualFiles.LocalizedTemplateContentReaderFactory.CreateAsync(TemplateDefinition templateDefinition) at Volo.Abp.TextTemplating.VirtualFiles.VirtualFileTemplateContentContributor.GetOrNullAsync(TemplateContentContributorContext context) at Volo.Abp.TextTemplating.TemplateContentProvider.GetContentOrNullAsync(ITemplateContentContributor[] contributors, TemplateContentContributorContext context) at Volo.Abp.TextTemplating.TemplateContentProvider.GetContentOrNullAsync(TemplateDefinition templateDefinition, String cultureName, Boolean tryDefaults, Boolean useCurrentCultureIfCultureNameIsNull) at Volo.Abp.TextTemplateManagement.TextTemplates.TemplateContentAppService.GetAsync(GetTemplateContentInput input) in D:\Sandbox\FAB_AMS_Latest_Version\modules\Volo.TextTemplateManagement\src\Volo.Abp.TextTemplateManagement.Application\Volo\Abp\TextTemplateManagement\TextTemplates\TemplateContentAppService.cs:line 36 at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo) at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
• Steps to reproduce the issue:"
• 1. Created a Text template as follows for custome code emailing.
• 

2. Added following code In
   1. ApplicationContractModule.cs public override void ConfigureServices(ServiceConfigurationContext context) { Configure
   2. public class DeviceEmailTemplateDefinitionProvider : TemplateDefinitionProvider { public override void Define(ITemplateDefinitionContext context) { var emailLayoutTemplate = context.GetOrNull(StandardEmailTemplates.Layout); emailLayoutTemplate .WithVirtualFilePath( "/Emailing/Templates/EmailTemplate.tpl", isInlineLocalized: true ); context.Add(emailLayoutTemplate); context.Add( new TemplateDefinition( DeviceEmailTemplates.ReSendOTP, displayName: LocalizableString.Create

• ABP Framework version: v4.4.2
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): no
• Exception message and stack trace:
• Steps to reproduce the issue:" 1. Create a ABP mvc project
• 2.Set application cookie path to Application folder rather than default root path '/ by

context.Services.ConfigureApplicationCookie(options =>
{
    options.Cookie.Path = "/Arc";
    options.Cookie.SameSite = SameSiteMode.Strict;
    options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
    options.Cookie.IsEssential = true;
    options.Cookie.HttpOnly = true;
});
             

3.. Go to developer tools in the browser and check the path. It is still set to default.