[jira] [Commented] (JSPWIKI-1071) Ajax request header 'Connection' forbidden since 2015

ASF subversion and git services (JIRA) Tue, 05 Jun 2018 13:46:08 -0700


    [ 
https://issues.apache.org/jira/browse/JSPWIKI-1071?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16502477#comment-16502477
 ]


ASF subversion and git services commented on JSPWIKI-1071:
----------------------------------------------------------

Commit dbbe7f67ad0398e04cb11ad0ce5569a12eb6f911 in jspwiki's branch 
refs/heads/master from [~brushed]
[ https://gitbox.apache.org/repos/asf?p=jspwiki.git;h=dbbe7f6 ]

2.10.5-git-03  JSPWIKI-1071 Ajax request header 'Connection' forbidden


> Ajax request header 'Connection' forbidden since 2015
> -----------------------------------------------------
>
>                 Key: JSPWIKI-1071
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-1071
>             Project: JSPWiki
>          Issue Type: Bug
>          Components: Templates and UI
>    Affects Versions: 2.10.4
>            Reporter: Miguel Moquillon
>            Assignee: brushed
>            Priority: Major
>
> Since 2015, for security reason, it is no more accepted for Ajax request to 
> set the Connection HTTP header.
> Unfortunately, the Ajax in JSPWiki uses this deprecated and forbidden feature 
> :( 
> For example, in the on-fly preview  of a page edition. So any Ajax requests 
> from JSPs are blocked by the current web browser.
> This affect all versions



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (JSPWIKI-1071) Ajax request header 'Connection' forbidden since 2015

Reply via email to