网站已死。 “需要采取措施:Rails安全漏洞” [英] Site dead. "ACTION REQUIRED: Rails Security Vulnerability "
问题描述
我的网站目前已经死了,因此我无法解释这对我来说有多迫切。
情况:几天前,我收到了一封来自Heroku的电子邮件需要采取措施:Rails安全漏洞,建议我将rails更新到版本3.2.11。在我遵循电子邮件中的所有步骤之后,我尝试打开我的网站。当我看到我无法打开我的网站时,我感到非常惊讶。我的网站是用 RefineryCMS
。
制作的。使用git将我的网站恢复到前一点在什么时候一切都很好?
当我在本地运行网站时,出现以下错误:
$ b
ActiveRecord ::炼油厂中的RecordNotFound :: PagesController#home
无法找到id = torte-za-rodendan的Refinery :: Page:
...
app / views / stranice / naslovnica / _favourite_products.html .erb:7:'_app_views_stranice_naslovnica__favourite_products_html_erb__4156700835010289094_66485000'
app / views / refinery / pages / home.html.erb:16:in _app_views_refinery_pages_home_html_erb ___ 2482419061129865361_67
是的,我们都收到了来自Heroku的电子邮件。 >由于您的网站之前使用git进行了版本控制,因此您可以按照以下这些步骤撤销上次提交。
然而,我不确定你是否真的需要做到以上。你只需要确保你的heroku应用程序在rails 3.2.11上运行 - 这是一个非常严重的安全问题,也许heroku甚至会阻止没有足够快速升级的站点。
请按照以下步骤操作:
git checkout -b new_rails
)
bundle update rails
git checkout master
;可以通过执行 git branch -D new_rails
删除新分支只有在新的分支上才能确保没有任何中断。
如果您以后仍然遇到错误,请告诉我们heroku的日志中有什么。
My site is currently dead therefore I can't explain how urgent for me this is.
Situation: A few days ago I received an e-mail from Heroku "ACTION REQUIRED: Rails Security Vulnerability " advising me to update rails to version '3.2.11'. After I followed all the steps in the e-mail I tried to open my web site. I was extremely surprised when I saw that I can't open my site. My site is made with RefineryCMS
.
Is it possible, using git, to restore my site to the previous point in time when everything was working great?
When I run the site locally I get the following error:
ActiveRecord::RecordNotFound in Refinery::PagesController#home
Couldn't find Refinery::Page with id=torte-za-rodendan
...
app/views/stranice/naslovnica/_favourite_products.html.erb:7:in `_app_views_stranice_naslovnica__favourite_products_html_erb__4156700835010289094_66485000'
app/views/refinery/pages/home.html.erb:16:in `_app_views_refinery_pages_home_html_erb___2482419061129865361_67
Yep, we all got that email from Heroku.
Since your site was versioned with git before, you can undo the last commit by following these steps.
However, I am not sure whether you really need to do the above. You just need to make sure that your heroku app runs on rails 3.2.11 - it is a pretty serious security issue, maybe heroku even blocks sites that aren't upgraded quickly enough.
Follow these steps:
- Run your tests and make sure everything works
- Open up a new branch through git (
git checkout -b new_rails
) - Change Rails 3.2.11 in your Gemfile
- Change RAILS_GEM_VERSION to '3.2.11' in environment.rb
- Run
bundle update rails
- Run the tests and see if everything still works
- If not, reverse back to the old branch by doing
git checkout master
; optionally delete the new branch by doinggit branch -D new_rails
Doing it only on the new branch ensures nothing breaks.
If you still get errors afterwards, please tell us what's in heroku's log.
这篇关于网站已死。 “需要采取措施:Rails安全漏洞”的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!