You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by GitBox <gi...@apache.org> on 2021/06/02 17:54:06 UTC

[GitHub] [sling-org-apache-sling-jcr-jackrabbit-accessmanager] enapps-enorman opened a new pull request #4: SLING-10452 adjust HTTP status code for invalid :redirect value for modifyAce/deleteAce post request

enapps-enorman opened a new pull request #4:
URL: https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-accessmanager/pull/4


   When the modifyAce/deleteAce servlets receive an illegal or invalid :redirect parameter it should return a status code of 422 instead of 200 because the request was not fully successful.
   
   Currently, the illegal :redirect parameter value is detected and a warning is logged.  The request continues to be processed without the redirect occurring.  The client has no indication that something went wrong without reviewing the server logs.
   
   For example:
   
   Illegal redirect 
   
   curl -F principalId=myuser -F privilege@jcr:read=granted -F :redirect=https://sling.apache.org http://localhost:8080/test/node.modifyAce.html
   
   invalid redirect
   
   curl -F principalId=myuser -F privilege@jcr:read=granted -F :redirect=https:// http://localhost:8080/test/node.modifyAce.html


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [sling-org-apache-sling-jcr-jackrabbit-accessmanager] sonarcloud[bot] commented on pull request #4: SLING-10452 adjust HTTP status code for invalid :redirect value for modifyAce/deleteAce post request

Posted by GitBox <gi...@apache.org>.

sonarcloud[bot] commented on pull request #4:
URL: https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-accessmanager/pull/4#issuecomment-853266759


   SonarCloud Quality Gate failed.
   
   [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug.png' alt='Bug' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=BUG) [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A.png' alt='A' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=BUG)  
   [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability.png' alt='Vulnerability' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=VULNERABILITY) [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A.png' alt='A' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=VULNERABILITY)  
   [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot.png' alt='Security Hotspot' width='16' height='16' />](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=SECURITY_HOTSPOT) [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A.png' alt='A' width='16' height='16' />](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=SECURITY_HOTSPOT)  
   [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell.png' alt='Code Smell' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=CODE_SMELL) [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/B.png' alt='B' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=CODE_SMELL) [3 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&resolved=false&types=CODE_SMELL)
   
   [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/90.png' alt='92.3%' width='16' height='16' />](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&metric=new_coverage&view=list) [92.3% Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&metric=new_coverage&view=list)  
   [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3.png' alt='0.0%' width='16' height='16' />](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-jackrabbit-accessmanager&pullRequest=4&metric=new_duplicated_lines_density&view=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [sling-org-apache-sling-jcr-jackrabbit-accessmanager] enapps-enorman merged pull request #4: SLING-10452 adjust HTTP status code for invalid :redirect value for modifyAce/deleteAce post request

Posted by GitBox <gi...@apache.org>.

enapps-enorman merged pull request #4:
URL: https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-accessmanager/pull/4


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org