Eric Norman created SLING-10456:
-----------------------------------
Summary: adjust HTTP status code for invalid :redirect value for
usermanager post requests
Key: SLING-10456
URL: https://issues.apache.org/jira/browse/SLING-10456
Project: Sling
Issue Type: Improvement
Reporter: Eric Norman
Assignee: Eric Norman
Fix For: JCR Jackrabbit User Manager 2.2.14
When the usermanager servlets receive an illegal or invalid :redirect parameter
it should return a status code of
[422|https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/422] instead of
200 because the request was not fully successful.
Currently, the illegal :redirect parameter value is detected and a warning is
logged. The request continues to be processed without the redirect occurring.
The client has no indication that something went wrong without reviewing the
server logs.
For example:
Illegal redirect
{code:java}
curl -F displayName=updated -F :redirect=https://sling.apache.org
http://localhost:8080/system/userManager/user/testUser1.update.html
{code}
invalid redirect
{code:java}
curl -F displayName=updated -F :redirect=https://
http://localhost:8080/system/userManager/user/testUser1.update.html
{code}
h4.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
