Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-29144

Directly being linked to an attachment before logging in will redirect to a 'action not permitted' message

    XMLWordPrintable

Details

    Description

      NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

      If a user receives a direct link to a file on Confluence, they used to be asked to log in, and were then redirected to the file.

      However, since 5.1-OD-5, the redirect instead sends the user to a 'This action is not permitted' page after being logged in.

      The login screen will direct to login.action?os_destination=%2Fnotpermitted.action%3Fversion%3D1%26modificationDate%3D1366730801169%26api%3Dv2, instead of login?dest-url=%2Fwiki%2Fdownload%2Fattachments%2F622598%2Ffilename%3Fapi%3Dv2

      This prevents users from opening files easily from their email notifications.

      Steps to reproduce
      In a default Confluence instance.

      • Create a new Space and File list
      • Upload a file
      • Once uploaded, copy the link URL to the file.
      • Log out
      • Paste the link in your browser
        • You will be asked to log in
      • Log in, and you will see 'Action not permitted'

      Note:
      Able to replicate with 'user logged in initially' in Confluence version 5.3.4.

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-31122 REF: CONF-29144 - "Directly being linked to an attachment before logging in will redirect to a 'action not permitted' message"

          • High - High priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-30930 Directly downloading an attachment will fail if not logged in

          • Medium - Medium priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-29302 Attempting to view attachment from an email link will always redirect to the 'Not permitted' page when the user is initially not logged in

          • Low - Low priority issues
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-35884 ${originalurl} does not include server base url for attachment urls

          • Medium - Medium priority issues
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. CONFCLOUD-29144 Directly being linked to an attachment before logging in will redirect to a 'action not permitted' message

          • Medium - Medium priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-33015 It redirects to Confluence home when click on Japanese name attached files

          • Low - Low priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-35249 last-updated macro doesn't display anonymous profile picture but broken image

          • Low - Low priority issues
          • Closed
          mentioned in

          Page Loading...

          Page Loading...

          Activity

            People

              gvotruong Giang Vo
              imaduro Ivan Maduro (Inactive)
              Votes:
              47 Vote for this issue
              Watchers:
              65 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: