Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-39068

"Edit in Word" using path based authentication is broken in Confluence 3.3.x and above

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: High High
    • None
    • None
    • None

      NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

      In the standalone distribution of Confluence 3.3.x and above the session cookie is sent using the HttpOnly attribute.
      This breaks the following Javascript that is used to rewrite the path for the "Edit in Word" feature.

      Zen/src/main/resources/templates/extra/editinword/editInOffice.js:

      function getCookie( check_name ) {
    // first we'll split this cookie up into name/value pairs
    // note: document.cookie only returns name=value, not the other components
    var a_all_cookies = document.cookie.split( ';' );

      For HttpOnly cookies document.cookies returns null and jsessionid in the filterPath function is null. 

      function filterPath(urlPath)
{
    var jsession = getCookie('jsessionid');
    if (!jsession){
        jsession = getCookie('JSESSIONID');
    }
    if (jsession){

      Workaround

      Please see http://confluence.atlassian.com/display/CONFKB/%27Edit+in+Word%27+Requires+Login+or+Doesn%27t+Work+at+All for a workaround.

              Unassigned Unassigned
              ssaasen Stefan Saasen (Inactive)
              Votes:
              2 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: