[
https://issues.apache.org/jira/browse/SLING-10456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Eric Norman resolved SLING-10456.
---------------------------------
Resolution: Fixed
Merged PR at:
[{{cfdde23}}|https://github.com/apache/sling-org-apache-sling-jcr-jackrabbit-usermanager/commit/cfdde23fbd2bc4b486084ba7e27d42b3187dd565]
> adjust HTTP status code for invalid :redirect value for usermanager post
> requests
> ---------------------------------------------------------------------------------
>
> Key: SLING-10456
> URL: https://issues.apache.org/jira/browse/SLING-10456
> Project: Sling
> Issue Type: Improvement
> Reporter: Eric Norman
> Assignee: Eric Norman
> Priority: Major
> Fix For: JCR Jackrabbit User Manager 2.2.14
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> When the usermanager servlets receive an illegal or invalid :redirect
> parameter it should return a status code of
> [422|https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/422] instead of
> 200 because the request was not fully successful.
> Currently, the illegal :redirect parameter value is detected and a warning is
> logged. The request continues to be processed without the redirect
> occurring. The client has no indication that something went wrong without
> reviewing the server logs.
> For example:
> Illegal redirect
> {code:java}
> curl -F displayName=updated -F :redirect=https://sling.apache.org
> http://localhost:8080/system/userManager/user/testUser1.update.html
> {code}
> invalid redirect
> {code:java}
> curl -F displayName=updated -F :redirect=https://
> http://localhost:8080/system/userManager/user/testUser1.update.html
> {code}
> h4.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
