58e070461663f4d71ce17eb93b17225b20071371 lrnassar Fri Jun 5 10:12:34 2026 -0700 Expand verboten.lst with 18 more patterns surfaced during Phase C1 dry-run of the remaining 12 RTS sessions: leaked state from other CGIs (hgg_, hglft_, hgta_, hgHub_do_search), additional hgTracks UI state (hgt_, hgt_configGroupTarget, hgt_doJsCommand, hgt_mdbVal/Var, rulerBaseZoom, hgTracksConfigPage), debris (European, source, sessionTable_length), per-db reverse-complement toggle (complement_<db>), gateway-style position-search input (search), Track Search dialog state (ts*), and single-letter hgc track selector (g). Also drop pairs with empty or whitespace-tainted keys in scrub() to defend against future cart-string corruption (caught a stray ' hgsid=...' from a manually-edited 2021 cart row in BRCA1_BRCA2_ENIGMA_hg19). Re-fetch the 2 already-seeded files so the whole corpus uses the final scrub list. refs #32768 diff --git src/hg/utils/rts/rtsUpdate src/hg/utils/rts/rtsUpdate index 410e89530c4..39308f91e2b 100755 --- src/hg/utils/rts/rtsUpdate +++ src/hg/utils/rts/rtsUpdate @@ -97,30 +97,34 @@ return pats def split_pairs(contents): return [p for p in contents.split("&") if p] def join_pairs(pairs): return "&".join(pairs) def scrub(pairs, verboten): out = [] for p in pairs: key = p.split("=", 1)[0] + # Drop pairs with empty or whitespace-tainted keys (corruption / stray + # data from manual session edits — e.g. an `& hgsid=...` artifact). + if not key or any(c.isspace() for c in key): + continue if any(rx.match(key) for rx in verboten): continue out.append(p) return sorted(set(out)) def find_db_for_session(session): """Return the assembly db for a session by scanning recTrackSets.<db>.tab. Reads from htdocs/inc/ (the authoritative manifest location).""" for tab in sorted(INC_DIR.glob("recTrackSets.*.tab")): m = re.match(r"recTrackSets\.([A-Za-z0-9]+)\.tab$", tab.name) if not m: continue db = m.group(1) for line in tab.read_text().splitlines():