[
https://issues.apache.org/jira/browse/OFBIZ-5409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jacques Le Roux updated OFBIZ-5409:
-----------------------------------
Priority: Major (was: Trivial)
Affects Version/s: Release Branch 13.07
Release Branch 12.04
Release Branch 11.04
Assignee: Jacques Le Roux
Issue Type: Bug (was: Improvement)
I change from improvement to bug because the javax.servlet.request.ssl_session
could be exploited to break the SSL security
> JSON Response does not set http status on error
> -----------------------------------------------
>
> Key: OFBIZ-5409
> URL: https://issues.apache.org/jira/browse/OFBIZ-5409
> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS
> Affects Versions: Release Branch 11.04, SVN trunk, Release Branch 12.04,
> Release Branch 13.07
> Reporter: Gareth Carter
> Assignee: Jacques Le Roux
> Attachments: CommonEvents.patch, OFBIZ-5409 - Remove internal
> attributes for security reason.patch, before-after.diff
>
>
> When a json response is sent and there was an error in the service called, it
> does not set the http status. Currently status code is always 200 but it
> might be more appropriate to send an error code such as 500.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
