What happened?
While I was looking trying to debug some issues with upgrading matomo recently, I saw an info block on the update page that says certain information is hidden for security purposes, but that information can be displayed by setting the update_details_token in the config file and adding the query parameter updateTokenDetails to the update page's url. I believe that updateTokenDetails is actually a typo and if you use it the extra update details will not be displayed. When I was looking into the code that controls the display of the notification, it's actually looking for a query parameter called updateDetailsToken.
"Update details are hidden for security. To view them:
- Add the updateTokenDetails GET parameter to the URL ([General] update_details_token in config.ini.php), or
- Run the update via command line."
This is the template where the notification is located: https://github.com/matomo-org/matomo/blob/5.x-dev/plugins/CoreUpdater/templates/runUpdaterAndExit_welcome.twig#L70
And here is the Controller code that references the query parameter https://github.com/matomo-org/matomo/blob/5.x-dev/plugins/CoreUpdater/Controller.php#L474
What should happen?
The text in the notification should be updated to use the correct name of the query paramter.
How can this be reproduced?
- Set
update_details_token = "test" in config.ini.php
- View the matomo core update page
index.php?module=CoreUpdater&action= to see the info notification being displayed
- Revisit the page using the query parameter
&updateTokenDetails=test in the URL
- Revisit the page using the query parameter
&updateDetailsToken=test in the URL
- Compare the two views.
Matomo version
5.8.0
PHP version
No response
Server operating system
No response
What browsers are you seeing the problem on?
No response
Computer operating system
No response
Relevant log output
Validations
What happened?
While I was looking trying to debug some issues with upgrading matomo recently, I saw an info block on the update page that says certain information is hidden for security purposes, but that information can be displayed by setting the
update_details_tokenin the config file and adding the query parameterupdateTokenDetailsto the update page's url. I believe that updateTokenDetails is actually a typo and if you use it the extra update details will not be displayed. When I was looking into the code that controls the display of the notification, it's actually looking for a query parameter calledupdateDetailsToken."Update details are hidden for security. To view them:
This is the template where the notification is located: https://github.com/matomo-org/matomo/blob/5.x-dev/plugins/CoreUpdater/templates/runUpdaterAndExit_welcome.twig#L70
And here is the Controller code that references the query parameter https://github.com/matomo-org/matomo/blob/5.x-dev/plugins/CoreUpdater/Controller.php#L474
What should happen?
The text in the notification should be updated to use the correct name of the query paramter.
How can this be reproduced?
update_details_token = "test"inconfig.ini.phpindex.php?module=CoreUpdater&action=to see the info notification being displayed&updateTokenDetails=testin the URL&updateDetailsToken=testin the URLMatomo version
5.8.0
PHP version
No response
Server operating system
No response
What browsers are you seeing the problem on?
No response
Computer operating system
No response
Relevant log output
Validations