Eric Norman created SLING-10456: ----------------------------------- Summary: adjust HTTP status code for invalid :redirect value for usermanager post requests Key: SLING-10456 URL: https://issues.apache.org/jira/browse/SLING-10456 Project: Sling Issue Type: Improvement Reporter: Eric Norman Assignee: Eric Norman Fix For: JCR Jackrabbit User Manager 2.2.14
When the usermanager servlets receive an illegal or invalid :redirect parameter it should return a status code of [422|https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/422] instead of 200 because the request was not fully successful. Currently, the illegal :redirect parameter value is detected and a warning is logged. The request continues to be processed without the redirect occurring. The client has no indication that something went wrong without reviewing the server logs. For example: Illegal redirect {code:java} curl -F displayName=updated -F :redirect=https://sling.apache.org http://localhost:8080/system/userManager/user/testUser1.update.html {code} invalid redirect {code:java} curl -F displayName=updated -F :redirect=https:// http://localhost:8080/system/userManager/user/testUser1.update.html {code} h4. -- This message was sent by Atlassian Jira (v8.3.4#803005)