Keyboardshortcuts REST call return 500

XMLWordPrintable

    • Type: Bug
    • Resolution: Won't Fix
    • Priority: Low
    • None
    • Affects Version/s: None
    • Component/s: None
    • None

      NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

      The keyboard shortcut REST call seems to be a potential failing point face to DoS attack:

      [root@test ~]# curl -I -X GET "https://confluence.atlassian.com/rest/prototype/1/i18n?locale=%3Cscript%20src%3Dhttp%3A%2F%2Flocalhost%2Fj%20&pluginKeys=com.atlassian.confluence.keyboardshortcuts&pluginKeys=com.atlassian.plugins.editor"
HTTP/1.1 500 Internal Server Error
Date: Tue, 28 May 2013 07:45:22 GMT
Server: Apache-Coyote/1.1
Cache-Control: no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html; charset=UTF-8
Set-Cookie: JSESSIONID=170C9ADB0247492D66B79F72E1B34A23; Path=/; HttpOnly
Vary: Accept-Encoding
Connection: close
Transfer-Encoding: chunked

            Assignee:
            Unassigned
            Reporter:
            Yilin (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: