You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Carsten Ziegeler (Jira)" <ji...@apache.org> on 2023/04/14 07:50:00 UTC
[jira] [Resolved] (SLING-2776) A POST that runs into an AccessDeniedException returns a 500 instead of a 403
[ https://issues.apache.org/jira/browse/SLING-2776?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Carsten Ziegeler resolved SLING-2776.
-------------------------------------
Resolution: Won't Fix
> A POST that runs into an AccessDeniedException returns a 500 instead of a 403
> -----------------------------------------------------------------------------
>
> Key: SLING-2776
> URL: https://issues.apache.org/jira/browse/SLING-2776
> Project: Sling
> Issue Type: Bug
> Components: Servlets
> Affects Versions: Servlets Post 2.2.0
> Environment: CQ5
> Reporter: Thorben Heins
> Assignee: Felix Meschberger
> Priority: Trivial
>
> If you POST to an url that you are not allowed to POST to, a 500 is returned.
> Here is my suggested fix:
> {code}
> host:~/Downloads/sling $ svn diff
> Index: bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/AbstractPostResponse.java
> ===================================================================
> --- bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/AbstractPostResponse.java (revision 1453750)
> +++ bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/AbstractPostResponse.java (working copy)
> @@ -292,7 +292,11 @@
> String path = getPath();
> if (getProperty(PN_STATUS_CODE) == null) {
> if (getError() != null) {
> - setStatus(500, getError().toString());
> + if (getError() instanceof javax.jcr.AccessDeniedException) {
> + setStatus(403, getError.toString());
> + } else {
> + setStatus(500, getError().toString());
> + }
> setTitle("Error while processing " + path);
> } else {
> if (isCreateRequest()) {
> @@ -376,4 +380,4 @@
> doSend(response);
> }
> -}
> \ No newline at end of file
> +}
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)