Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-30220

Redirect for login can break

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Low
    • 5.1.5, 5.2.3, 5.3
    • 5.1.5
    • None

    Description

      After applying the patch for CONF-30221, login redirects can contain a ${originalurl} parameter, instead of the original URL that requires a login.

      If you have configured all of the below:

      1. allowed anonymous access in global permissions
      2. allowed anonymous view in space permissions
      3. restricted some content in that space so that anonymous cannot view it.

      Then any time a non-logged-in user tries to view the restricted content they will be redirected to a login page normally, but once they are logged in they will be redirected to the site homepage, not their original destination.

      Workaround

      Once the user has logged in, they should manually navigate back to the page they intended to view.

      Attachments

        Issue Links

          is caused by

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-30221 OGNL double evaluation in atlassian-xwork

          • Highest - Our top priority issues
          • Closed

          Activity

            People

              richatkins Richard Atkins
              richatkins Richard Atkins
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: