[jira] [Commented] (JSPWIKI-1071) Ajax request header 'Connection' forbidden since 2015

brushed (JIRA) Mon, 04 Jun 2018 14:33:58 -0700


    [ 
https://issues.apache.org/jira/browse/JSPWIKI-1071?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16500877#comment-16500877
 ]


brushed commented on JSPWIKI-1071:
----------------------------------

It's a bug in mootools 1.1x  (older version of that library)

 

 

 

> Ajax request header 'Connection' forbidden since 2015
> -----------------------------------------------------
>
>                 Key: JSPWIKI-1071
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-1071
>             Project: JSPWiki
>          Issue Type: Bug
>          Components: Templates and UI
>    Affects Versions: 2.10.4
>            Reporter: Miguel Moquillon
>            Assignee: brushed
>            Priority: Major
>
> Since 2015, for security reason, it is no more accepted for Ajax request to 
> set the Connection HTTP header.
> Unfortunately, the Ajax in JSPWiki uses this deprecated and forbidden feature 
> :( 
> For example, in the on-fly preview  of a page edition. So any Ajax requests 
> from JSPs are blocked by the current web browser.
> This affect all versions



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (JSPWIKI-1071) Ajax request header 'Connection' forbidden since 2015

Reply via email to