[CONFSERVER-14341] Confluence "Not Permitted" pages should be served with status code 403 instead of 200

Type: Bug
Resolution: Won't Fix
Priority: Low
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
- no-cvss-required

Bug Fix Policy:
View Atlassian Server bug fix policy

NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

When a user is not permitted to view a page due to the lack of sufficient page level permissions, we currently serve a not permitted page explaining this. This is served with a HTTP status code of 200. This should be fixed and changed to 403.

This would, for example, assist crawlers to not interpret these pages as content.

is related to

CONFSERVER-5819 Page Not Found should return a HTTP Status of 404 not 200

Closed

relates to

CONFCLOUD-14341 Confluence "Not Permitted" pages should be served with status code 403 instead of 200

Closed

Katherine Yabut made changes - 13/Nov/2018 4:43 AM

Workflow

Original: JAC Bug Workflow v3 [ 2894271 ]

New: CONFSERVER Bug Workflow v4 [ 2986819 ]

Owen made changes - 11/Oct/2018 9:00 AM

Workflow	Original: JAC Bug Workflow v2 [ 2778051 ]	New: JAC Bug Workflow v3 [ 2894271 ]
Status	Original: Resolved [ 5 ]	New: Closed [ 6 ]

Owen made changes - 29/Aug/2018 11:12 PM

Workflow

Original: JAC Bug Workflow [ 2734348 ]

New: JAC Bug Workflow v2 [ 2778051 ]

Owen made changes - 02/Jul/2018 7:09 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2399756 ]

New: JAC Bug Workflow [ 2734348 ]

Katherine Yabut made changes - 22/Jun/2017 6:53 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v5 [ 2298673 ]

New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2399756 ]

Katherine Yabut made changes - 31/May/2017 5:39 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2233447 ]

New: Confluence Workflow - Public Facing - Restricted v5 [ 2298673 ]

Katherine Yabut made changes - 31/May/2017 5:00 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2194708 ]

New: Confluence Workflow - Public Facing - Restricted v5.1 - TEMP [ 2233447 ]

Katherine Yabut made changes - 31/May/2017 2:05 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v5 [ 1920281 ]

New: Confluence Workflow - Public Facing - Restricted v5 - TEMP [ 2194708 ]

Katherine Yabut made changes - 03/Apr/2017 3:57 AM

Workflow

Original: Confluence Workflow - Public Facing - Restricted v3 [ 1735022 ]

New: Confluence Workflow - Public Facing - Restricted v5 [ 1920281 ]

jonah (Inactive) made changes - 02/Apr/2017 7:40 AM

Description

Original: When a user is not permitted to view a page due to the lack of sufficient page level permissions, we currently serve a not permitted page explaining this. This is served with a HTTP status code of 200. This should be fixed and changed to 403.

This would, for example, assist crawlers to not interpret these pages as content.

New: {panel:bgColor=#e7f4fa}
*NOTE:* This bug report is for *Confluence Server*. Using *Confluence Cloud*? [See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-14341].
{panel}

When a user is not permitted to view a page due to the lack of sufficient page level permissions, we currently serve a not permitted page explaining this. This is served with a HTTP status code of 200. This should be fixed and changed to 403.

This would, for example, assist crawlers to not interpret these pages as content.

Assignee:: Steve Haffenden (Inactive)

Reporter:: dave (Inactive)

Affected customers:: 1 This affects my team

Watchers:: 1 Start watching this issue

Created:: 02/Feb/2009 12:13 AM

Updated:: 11/Oct/2018 9:00 AM

Resolved:: 01/Feb/2015 11:30 PM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates