Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-29144

Directly being linked to an attachment before logging in will redirect to a 'action not permitted' message

XMLWordPrintable

      NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

      If a user receives a direct link to a file on Confluence, they used to be asked to log in, and were then redirected to the file.

      However, since 5.1-OD-5, the redirect instead sends the user to a 'This action is not permitted' page after being logged in.

      The login screen will direct to login.action?os_destination=%2Fnotpermitted.action%3Fversion%3D1%26modificationDate%3D1366730801169%26api%3Dv2, instead of login?dest-url=%2Fwiki%2Fdownload%2Fattachments%2F622598%2Ffilename%3Fapi%3Dv2

      This prevents users from opening files easily from their email notifications.

      Steps to reproduce
      In a default Confluence instance.

      • Create a new Space and File list
      • Upload a file
      • Once uploaded, copy the link URL to the file.
      • Log out
      • Paste the link in your browser
        • You will be asked to log in
      • Log in, and you will see 'Action not permitted'

      Note:
      Able to replicate with 'user logged in initially' in Confluence version 5.3.4.

        1. Screen Shot 2014-03-21 at 4.06.50 PM.png
          Screen Shot 2014-03-21 at 4.06.50 PM.png
          56 kB

              gvotruong Giang Vo
              imaduro Ivan Maduro (Inactive)
              Votes:
              47 Vote for this issue
              Watchers:
              65 Start watching this issue

                Created:
                Updated:
                Resolved: