wohali Posted March 21, 2021 Share Posted March 21, 2021 So I logged into the ACP today to find the warning about the "XSS when building lightbox images" patch needing applied. The only way to get this applied, if you believe the text, is to follow the prompts to apply the patch. This will never work for this site, because inbound (s)ftp is disabled to the site. (Access requires VPN credentials that I will never directly supply to IPS.) It would be nice if there was a "How do you want to install this patch?" prompt, or a toggle to disable the FTP approach, so that an admin can be prompted to load into the Client Area and download the release to apply the patch. Alternatively, if there is a way to simply download JUST the delta patch ZIP/TAR in that process thru the browser, then instruct the admin to place it on the server directly, that'd be even better. Is this a reasonable request? Link to comment Share on other sites More sharing options...
Management Lindy Posted March 21, 2021 Management Share Posted March 21, 2021 It should fetch the delta via http. FTP is a forced option. Double check the file / dir permission requirements and submit a ticket if those are correct and it's still prompting for FTP. Link to comment Share on other sites More sharing options...
wohali Posted March 22, 2021 Author Share Posted March 22, 2021 Thanks Lindy. The Support page says all perms are correct. Where do you want the ticket filed? FTR, I don't need help maintaining my server, I just want it to pull down the file with my creds and skip the FTP to complete the local install. Link to comment Share on other sites More sharing options...
CoffeeCake Posted March 22, 2021 Share Posted March 22, 2021 @wohali, I think @Lindy is misunderstanding your question. This is exactly how we download updates--we step through the installer, download them locally when given the option, and then put the files into our production server using our deployment mechanisms. We do not have sftp open to the world, and we manage code changes via git. We step through the updater, provide IPS credentials, and then click the link (look carefully for it) that says something like "I'll upload these changes myself." You will then get a zip file with delta changes in your browser (only the files that have changes to them), and can use whatever your process is to deploy those files. Alternatively, log into the Client Area and download the suite. This will include all files (not just those changed between the release you've deployed and the latest). wohali 1 Link to comment Share on other sites More sharing options...
wohali Posted March 22, 2021 Author Share Posted March 22, 2021 Great! There's no patch pending right now, so I can't confirm what you just said... next patch that is pushed, I'll look for that link carefully next time. Link to comment Share on other sites More sharing options...
Recommended Posts