[SLING-10452] adjust HTTP status code for invalid :redirect value for modifyAce/deleteAce post request - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: JCR Jackrabbit Access Manager 3.0.10
Component/s: None
Labels:
None

Description

When the modifyAce/deleteAce servlets receive an illegal or invalid :redirect parameter it should return a status code of 422 instead of 200 because the request was not fully successful.

Currently, the illegal :redirect parameter value is detected and a warning is logged. The request continues to be processed without the redirect occurring. The client has no indication that something went wrong without reviewing the server logs.

For example:

Illegal redirect

curl -F principalId=myuser -F privilege@jcr:read=granted -F :redirect=https://sling.apache.org http://localhost:8080/test/node.modifyAce.html

invalid redirect

curl -F principalId=myuser -F privilege@jcr:read=granted -F :redirect=https:// http://localhost:8080/test/node.modifyAce.html

Attachments

Issue Links

links to

PR #4

Activity

People

Assignee:: Eric Norman

Reporter:: Eric Norman

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 02/Jun/21 17:43

Updated:: 10/Jun/21 18:22

Resolved:: 02/Jun/21 20:40

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

0.5h